General
-
Target
89629f2368b669401b684c3a9a323c6fbf25b2b23ce30e7bc14f3f1b4e9574bf
-
Size
5.1MB
-
Sample
240725-2m1fsazbml
-
MD5
166fc040e20722c680a1ed85832299b0
-
SHA1
1f086f49699b5acaff8967c076c1e9400d273b25
-
SHA256
89629f2368b669401b684c3a9a323c6fbf25b2b23ce30e7bc14f3f1b4e9574bf
-
SHA512
88dd0d058239320a9a2fd77f5924fbd53ed6f8ae53e1e4301f5a5b8bda6d40aa94faab51619da25cead3e97427f4675a0db71d9a43908d2dcf9e3987683912a3
-
SSDEEP
98304:FVfBiLEngEoRCEEyr2ooxVHyStQT0Q7VXDe6xeug:FV5isgZRCEEy7oyStQ1xh
Malware Config
Targets
-
-
Target
89629f2368b669401b684c3a9a323c6fbf25b2b23ce30e7bc14f3f1b4e9574bf
-
Size
5.1MB
-
MD5
166fc040e20722c680a1ed85832299b0
-
SHA1
1f086f49699b5acaff8967c076c1e9400d273b25
-
SHA256
89629f2368b669401b684c3a9a323c6fbf25b2b23ce30e7bc14f3f1b4e9574bf
-
SHA512
88dd0d058239320a9a2fd77f5924fbd53ed6f8ae53e1e4301f5a5b8bda6d40aa94faab51619da25cead3e97427f4675a0db71d9a43908d2dcf9e3987683912a3
-
SSDEEP
98304:FVfBiLEngEoRCEEyr2ooxVHyStQT0Q7VXDe6xeug:FV5isgZRCEEy7oyStQ1xh
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Reads WinSCP keys stored on the system
Tries to access WinSCP stored sessions.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
2Credentials In Files
1Credentials in Registry
1