General
Target: build.exe
Size: 1.6MB
Sample: 240902-fmadpsscmn
MD5: bdd8720f26b3c7a8571a19be138d104c
SHA1: 1703280d57df7ed7f0fb0ba07e4db9e920bc7888
SHA256: 6e5d248ddb830cd208fc28cd6c8a67f1de3cfc2f08ce17ca6628094ab5b2c0b0
SHA512: f66d40d32c72cb4ad4cd0d757e7d7a2265a5a388751fb802a22278e44c6d57145854de403b646cef7b0a12a9ea1d6877628bc640e95626b879337450c001af30
SSDEEP: 49152:skTq24GjdGSiqkqXfd+/9AqYanieKdsB:s1EjdGSiqkqXf0FLYW
Behavioral task behavioral1: Sample build.exe, Resource win7-20240705-en
Behavioral task behavioral2: Sample build.exe, Resource win10v2004-20240802-en
Malware Config
Extracted family: stealerium
Extracted webhook URL: https://discord.com/api/webhooks/1200737559454699621/mFXBB-ZPPDQWIQJYiv55QprpsoLEFc02oIhLL6DCGzur6yESPcQzMQDCm4PwbSt9Fgxj
Credentials from Password Stores: Credentials from Web Browsers. Malicious access to, or copying of, the web browser credential store.
Accesses Microsoft Outlook profiles.
Legitimate hosting services abused for malware hosting/C2.
Looks up external IP address via web service. Uses a legitimate IP lookup service to find the infected system's external IP.
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)