General
-
Target
USBDeviceDriver.exe
-
Size
1.6MB
-
Sample
240904-wxbyaawbng
-
MD5
8bb47c1c13710fa7bf7855a2334e0320
-
SHA1
b74c43890ba61ca9235db411589675de145ec6b3
-
SHA256
90b1c4c43d707e4c08131998ea4446ebfbe2332a345c6bd8a02dbf6a6d727fef
-
SHA512
3757c461f06565c667244761037ed6360e16df542ee1d359a0ef11a5c7b7cdf69f204994f9b51b4dd473fb2b8ba532400963f878edd27f0d129ec84b9a0a206c
-
SSDEEP
49152:1cfTq24GjdGSiqkqXfd+/9AqYanieKdQc:1cOEjdGSiqkqXf0FLYW
Behavioral task
behavioral1
Sample
USBDeviceDriver.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
USBDeviceDriver.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1280954538882240714/-IAy8AvyNj5gjF0S97ZZ8O6jI_P1ift-VtFcpbDnQUeqUhVvVnGfe0pxykiP_UX3rGEq
Targets
-
-
Target
USBDeviceDriver.exe
-
Size
1.6MB
-
MD5
8bb47c1c13710fa7bf7855a2334e0320
-
SHA1
b74c43890ba61ca9235db411589675de145ec6b3
-
SHA256
90b1c4c43d707e4c08131998ea4446ebfbe2332a345c6bd8a02dbf6a6d727fef
-
SHA512
3757c461f06565c667244761037ed6360e16df542ee1d359a0ef11a5c7b7cdf69f204994f9b51b4dd473fb2b8ba532400963f878edd27f0d129ec84b9a0a206c
-
SSDEEP
49152:1cfTq24GjdGSiqkqXfd+/9AqYanieKdQc:1cOEjdGSiqkqXf0FLYW
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1