General
-
Target
99d51f3bd716206866e203c8a5db2c62f9835f0a96b249f1afba3a55a2ab0707
-
Size
85KB
-
Sample
241017-xv5cgs1clf
-
MD5
44dd63b68944e8f52a35844976de9785
-
SHA1
bdb670b5ffdb60fe5279d8bcd360f4bbe20a3f76
-
SHA256
99d51f3bd716206866e203c8a5db2c62f9835f0a96b249f1afba3a55a2ab0707
-
SHA512
0fce1c1bc1e81dcf4bcd05d62d9276a87f229459fede92c40e05ed6f9eff2fd842fe94ea5b2fe0c7060143155a5c28469ecca70861910281606e5c90a1d85610
-
SSDEEP
768:h7D4apQFJFKZj1PVs9Ag1vzblhcCnFXNs0NfkprU/xvyyztoZU9QZU9A:h7Dacx1aeg1vjrI9U/xvyyuzb
Malware Config
Targets
-
-
Target
99d51f3bd716206866e203c8a5db2c62f9835f0a96b249f1afba3a55a2ab0707
-
Size
85KB
-
MD5
44dd63b68944e8f52a35844976de9785
-
SHA1
bdb670b5ffdb60fe5279d8bcd360f4bbe20a3f76
-
SHA256
99d51f3bd716206866e203c8a5db2c62f9835f0a96b249f1afba3a55a2ab0707
-
SHA512
0fce1c1bc1e81dcf4bcd05d62d9276a87f229459fede92c40e05ed6f9eff2fd842fe94ea5b2fe0c7060143155a5c28469ecca70861910281606e5c90a1d85610
-
SSDEEP
768:h7D4apQFJFKZj1PVs9Ag1vzblhcCnFXNs0NfkprU/xvyyztoZU9QZU9A:h7Dacx1aeg1vjrI9U/xvyyuzb
Score7/10-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1