General

  • Target

    Cookie-LoggerV1.exe

  • Size

    11.8MB

  • Sample

    240817-js5ctaycjn

  • MD5

    66111d5be5891f58653d85770cb6773c

  • SHA1

    061592ce4a461c98a3aca5638b9f83362f09a281

  • SHA256

    b05e79b2c9ce3b0f13b75295bb62edb0d32cc52b93daf4ef061be545296a4c22

  • SHA512

    e3a9f9da951f9af8b9e8f897fbef96cd9ffcabe26529c9a7bfe9b24e49b226b86c617e5a1a5bcf2914241077ce7e808dbb7502f2990566a034d8020111a3f725

  • SSDEEP

    196608:TG8dj2i/OCoDtutcV+ZqTfyahZc9yOdTfldN5PIC+4r3FZZaZ9gh20gkzDKM/q3n:btnaUKzf7hZcXRflf5PLZZQ9ugoDKMyL

Malware Config

Targets

    • Target

      Cookie-LoggerV1.exe

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser's credential store.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks