General
Target: lc.exe
Size: 180KB
Sample: 240711-2l2bpazdqe
MD5: 7924c0f21738fab05f61102c0caf3da2
SHA1: 09e6fd5797381eeb9ec60d5214f2932154636247
SHA256: 9b29f5a1f0b6c270c90b343f4c6d0e0843201d687068dc5273cbf5074083609f
SHA512: cdb47c2d516cc448ffadb4cbb1a3574d1f04a00bad5e127343faa73da9be2b72e1d2e4337c7991655a5865a322636c4ba88a7f0b46f7a964de9e77d4796d0936
SSDEEP: 3072:Ei65pVpgqCILIFgUhhPUHNl1xIhzUCpM69/KImQi/6ebW6kTg8Obk:itR6fhhPU+zUCpM69/KImQi/6ebl
Static task: static1
Behavioral task: behavioral1
Sample: lc.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: lc.exe
Size: 180KB
Score: 10/10
Modifies WinLogon for persistence
Adds Run key to start application
Drops desktop.ini file(s)
Hide Artifacts: Hidden Files and Directories
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1