General
-
Target
1b6b55065b7efbc052ea8d16ebdfca20N.exe
-
Size
336KB
-
Sample
240723-2zn9aaxaqc
-
MD5
1b6b55065b7efbc052ea8d16ebdfca20
-
SHA1
e1cd184eed07512e365780e40e312e37f49f218c
-
SHA256
8f42732f228366698a0937f5128834df4f3b159ce67b13706ba76f9bec591ccc
-
SHA512
8fb43f76bd5a43fdc6360df892ae8d406aca2f7e3f8e31a1b46c60d61951b237df54a93bd50e43ebfe095960062b63d4ef5613b3de99f6a256ca72bf9d479318
-
SSDEEP
6144:f6Zz5kismgTlhD21vfNct0QYonLsXRXdNmP84ynEd7ON9SzmzM0N4aYMCq:fmz5kismyONct8ong9dNEiEdaNUqwkz1
Malware Config
Targets
-
-
Target
1b6b55065b7efbc052ea8d16ebdfca20N.exe
-
Size
336KB
-
MD5
1b6b55065b7efbc052ea8d16ebdfca20
-
SHA1
e1cd184eed07512e365780e40e312e37f49f218c
-
SHA256
8f42732f228366698a0937f5128834df4f3b159ce67b13706ba76f9bec591ccc
-
SHA512
8fb43f76bd5a43fdc6360df892ae8d406aca2f7e3f8e31a1b46c60d61951b237df54a93bd50e43ebfe095960062b63d4ef5613b3de99f6a256ca72bf9d479318
-
SSDEEP
6144:f6Zz5kismgTlhD21vfNct0QYonLsXRXdNmP84ynEd7ON9SzmzM0N4aYMCq:fmz5kismyONct8ong9dNEiEdaNUqwkz1
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
2Credentials from Web Browsers
1Windows Credential Manager
1Unsecured Credentials
1Credentials In Files
1