General
-
Target
ebaa8533f6f05ddb6bacd5e8a28d08c5eecbc696c32d3c1521b6a4ac9494e04f
-
Size
1.5MB
-
Sample
240914-n1hagasbpq
-
MD5
73242577c27ba46a1e13320688156b53
-
SHA1
bc3027a78a791d2ed371e96293dfb4af8060893b
-
SHA256
ebaa8533f6f05ddb6bacd5e8a28d08c5eecbc696c32d3c1521b6a4ac9494e04f
-
SHA512
f19216a9a496b17f6455001b0f1c2daf0acfcd4533a7ed171a8619613538f4d50090f81001accc2bdcf463e3cbda91ebd9628e8484d422141e1eca09f06a2fda
-
SSDEEP
24576:38KLbnHzGSbHFukT8Mle7q7LLS/85RkVtxjsE9DzIQtZW:380TG8FukT80eULSUfkV7j
Malware Config
Targets
-
-
Target
ebaa8533f6f05ddb6bacd5e8a28d08c5eecbc696c32d3c1521b6a4ac9494e04f
-
Size
1.5MB
-
MD5
73242577c27ba46a1e13320688156b53
-
SHA1
bc3027a78a791d2ed371e96293dfb4af8060893b
-
SHA256
ebaa8533f6f05ddb6bacd5e8a28d08c5eecbc696c32d3c1521b6a4ac9494e04f
-
SHA512
f19216a9a496b17f6455001b0f1c2daf0acfcd4533a7ed171a8619613538f4d50090f81001accc2bdcf463e3cbda91ebd9628e8484d422141e1eca09f06a2fda
-
SSDEEP
24576:38KLbnHzGSbHFukT8Mle7q7LLS/85RkVtxjsE9DzIQtZW:380TG8FukT80eULSUfkV7j
Score9/10-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
2Credentials from Web Browsers
1Windows Credential Manager
1Unsecured Credentials
1Credentials In Files
1