ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9 | Triage

Resubmissions

21/08/2024, 14:28

240821-rtf1lsxalk 9

21/08/2024, 14:28

240821-rs9ljatcqb 1

21/08/2024, 14:24

240821-rqq2eatbnc 4

Sharing

Copy URL Twitter E-mail

General

Target

.
Size

1KB
Sample

240821-rtf1lsxalk
MD5

84238dfc8092e5d9c0dac8ef93371a07
SHA1

4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
SHA256

ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
SHA512

d06b93c883f8126a04589937a884032df031b05518eed9d433efb6447834df2596aebd500d69b8283e5702d988ed49655ae654c1683c7a4ae58bfa6b92f2b73a

Score

9^/10

credential_access discovery stealer

Malware Config

Targets

- Target
  
  .
- Size
  
  1KB
- MD5
  
  84238dfc8092e5d9c0dac8ef93371a07
- SHA1
  
  4a3ce8ee11e091dd7923f4d8c6e5b5e41ec7c047
- SHA256
  
  ea8fac7c65fb589b0d53560f5251f74f9e9b243478dcb6b3ea79b5e36449c8d9
- SHA512
  
  d06b93c883f8126a04589937a884032df031b05518eed9d433efb6447834df2596aebd500d69b8283e5702d988ed49655ae654c1683c7a4ae58bfa6b92f2b73a
Score

9^/10

credential_access discovery stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoverystealer

behavioral2

behavioral3

behavioral4