Overview

overview

9

Static

static

3

QUOTATION_...DF.scr

windows7-x64

9

QUOTATION_...DF.scr

windows10-2004-x64

9

Resubmissions

07-08-2024 16:09

240807-tl8rrs1anp 9

07-08-2024 15:57

240807-tebtfstfkg 9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    QUOTATION_AUGQTRA071244.z

  • Size

    1.3MB

  • Sample

    240807-tebtfstfkg

  • MD5

    d6a6c4289c4be850ae42b694a1f0175e

  • SHA1

    5588ad30743f8367f04663e005b4ff709d5c0ae2

  • SHA256

    ab7c131e3454dd76f35f66325d87795ee1840e82e46c99e5e1786f5caf3acbad

  • SHA512

    1ddaada2dec11274885f34186884f57f4660d32b6ee0021c77e5129fc32a0c99f8fe5ae0c92a290f4765313ca511d3abd913bec4fc530e41191a7dc9250639ed

  • SSDEEP

    24576:r7HAB/QJSEGzDHZT03aqJfCF4Z39OdC+3x2XpA6h+TCu0QxgLu/e3vvRMA3+5amC:PgB/ffTHOfCcC0X66af0ee/5V+5amM5T

Score
9/10
collectioncredential_accessdiscoverystealer

Malware Config

Targets

    • Target

      QUOTATION_AUGQTRA071244PDF.scr

    • Size

      1.7MB

    • MD5

      78f73110c28cb56959e9b263e6ebc045

    • SHA1

      b2b0dde6f86a722724fb1da7b7325280bb1b864f

    • SHA256

      78fa44260e6f4b18dbd7ad18d56ad9d55f0f46b54db4ec2e7aaeab6c5eaed5c0

    • SHA512

      a73dbed5ed8ab0cfbb378b0e821a3df5003e65028193396d94b8c87c44e02605eaf771a70b9ef45d8588d344b354b5904ddb44ced2b919147e6f7e80de499e8b

    • SSDEEP

      24576:k11K9kOHGhiXEhAvtNIk3xT73ggEbJHNLV5XV7nUB7M+bP8Q9t4zgaAfog7Iwchv:06m4j0kxrB8t55FTUB7M+3348aAgMdR

    Score
    9/10
    collectioncredential_accessdiscoverystealer

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks