General

  • Target

    0e08ddf6

  • Size

    62.4MB

  • Sample

    241021-sqh68szelq

  • MD5

    9f67178a588a07bb2761626aef833ef4

  • SHA1

    f46e21cfc1b3cb4d334519e059f628028463f598

  • SHA256

    1fbdffda947b5589d6ce528e48b2aa905d7bc9c31c415151d57deb44ac9deb36

  • SHA512

    52c1e1355d69e37f8539a0a8f85eb3ed1421350879b6e255e7a5c13afa01564ea090fe5b74d6028309563246586b36feec7597855dab850b53d2868738a69699

  • SSDEEP

    1572864:AQtjLX5WJoWbgWRSgkNOXWxtQSNxW+eH43yxpCmT9pTy:AGX5M3gbcKCVI3uLT

Targets

    Score: 7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.