General
-
Target
70601976ccafcd842cf413a269f70e7c.exe
-
Size
696KB
-
Sample
241031-jzd47swkdl
-
MD5
70601976ccafcd842cf413a269f70e7c
-
SHA1
bc582afa67b9000676edf999d1077d9c3d425f94
-
SHA256
a7d56a398503b0a313f781842427619c39f6d45eef285e2139e8e7e2d7640a6b
-
SHA512
f106c9106a195b276d4891dd052b73a29ea49938e47d508e1cb93cb33b1f104da8c60b7c8a0b4a359967522cda968bb9eed0e27abbe4620c6769e5100152a66b
-
SSDEEP
12288:Vnjrb7cQKwwSjBWBP225wg3Xkspj2P/zs4wOx8FF87Y3Ecgt/0hSiMHXfN:Vnj7hwS1WBP225DnkkqXzsz3RTE0hSiE
Static task
static1
Behavioral task
behavioral1
Sample
70601976ccafcd842cf413a269f70e7c.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
70601976ccafcd842cf413a269f70e7c.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
stealc
LogsDiller
http://45.88.105.105
-
url_path
/e88e05dfd1bdeeb9.php
Targets
-
Target
70601976ccafcd842cf413a269f70e7c.exe
-
Size
696KB
-
MD5
70601976ccafcd842cf413a269f70e7c
-
SHA1
bc582afa67b9000676edf999d1077d9c3d425f94
-
SHA256
a7d56a398503b0a313f781842427619c39f6d45eef285e2139e8e7e2d7640a6b
-
SHA512
f106c9106a195b276d4891dd052b73a29ea49938e47d508e1cb93cb33b1f104da8c60b7c8a0b4a359967522cda968bb9eed0e27abbe4620c6769e5100152a66b
-
SSDEEP
12288:Vnjrb7cQKwwSjBWBP225wg3Xkspj2P/zs4wOx8FF87Y3Ecgt/0hSiMHXfN:Vnj7hwS1WBP225DnkkqXzsz3RTE0hSiE
-
Stealc family
-
Uses browser remote debugging
Can be used to control the browser and steal sensitive information such as credentials and session cookies.
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
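The indicators above (C2 host and URL path from the extracted Stealc config, the file hashes, and the browser remote-debugging behaviour) are what an analyst would pivot on. The following is an added hunting example, not part of the sandbox report or of Triage: it runs those indicators over constructed proxy log lines and process command lines embedded inline. The assumption that the "Uses browser remote debugging" signature keys on a browser launched with a `--remote-debugging-port` or `--remote-debugging-pipe` switch is mine; the report does not state the exact flag.

```python
"""Hunt for this report's Stealc indicators across constructed sample telemetry."""
import hashlib
import re
from urllib.parse import urlsplit

# Indicators taken from the report's "Malware Config" and "Target" sections.
C2_HOST = "45.88.105.105"
C2_PATH = "/e88e05dfd1bdeeb9.php"
SAMPLE_HASHES = {
    "md5": "70601976ccafcd842cf413a269f70e7c",
    "sha1": "bc582afa67b9000676edf999d1077d9c3d425f94",
    "sha256": "a7d56a398503b0a313f781842427619c39f6d45eef285e2139e8e7e2d7640a6b",
}

# Constructed proxy log lines ("client method url"); not from the report.
PROXY_LOG = """\
10.0.0.12 POST http://45.88.105.105/e88e05dfd1bdeeb9.php
10.0.0.12 GET http://45.88.105.105/favicon.ico
10.0.0.15 POST http://example.org/e88e05dfd1bdeeb9.php
10.0.0.17 GET http://45.88.105.105:8080/e88e05dfd1bdeeb9.php
10.0.0.20 GET https://www.example.com/
"""

# Constructed process command lines; not from the report. Matching on the
# remote-debugging switch is an assumption about what the "Uses browser remote
# debugging" signature keys on; the report does not name the flag.
PROCESS_LOG = """\
C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe --remote-debugging-port=9222 --headless
C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe https://www.example.com/
C:\\Windows\\System32\\notepad.exe --remote-debugging-port=9222
"""

BROWSERS = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "firefox.exe"}
REMOTE_DEBUG_RE = re.compile(r"--remote-debugging-(?:port|pipe)\b", re.IGNORECASE)
CMDLINE_RE = re.compile(r"^(.*?\.exe)\s*(.*)$", re.IGNORECASE)


def classify_url(url):
    """'c2' for an exact C2 host+path hit, 'host' for the C2 host alone, else None."""
    parts = urlsplit(url)
    if parts.hostname != C2_HOST:
        return None
    return "c2" if parts.path == C2_PATH else "host"


def hunt_proxy(log):
    """Return (client, method, kind) for every proxy line that touches the C2 host."""
    hits = []
    for line in log.splitlines():
        client, method, url = line.split(maxsplit=2)
        kind = classify_url(url)
        if kind:
            hits.append((client, method, kind))
    return hits


def hunt_remote_debugging(log):
    """Return image names of browsers launched with a remote-debugging switch."""
    hits = []
    for line in log.splitlines():
        m = CMDLINE_RE.match(line)
        if not m:
            continue
        image = m.group(1).rsplit("\\", 1)[-1].lower()
        if image in BROWSERS and REMOTE_DEBUG_RE.search(m.group(2)):
            hits.append(image)
    return hits


def is_known_hash(value):
    """True if a hash string (any case) equals one of the report's hashes."""
    return value.strip().lower() in SAMPLE_HASHES.values()


def hash_matches(data):
    """Hash raw file bytes and return the algorithms whose digest matches the report."""
    digests = {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }
    return {alg for alg, hexdigest in digests.items() if SAMPLE_HASHES[alg] == hexdigest}


if __name__ == "__main__":
    print(hunt_proxy(PROXY_LOG))
    print(hunt_remote_debugging(PROCESS_LOG))
    print(hash_matches(b"constructed placeholder, not the sample"))
```

The proxy match deliberately distinguishes a full host-plus-path hit from traffic to the host alone, and ignores the port so the same C2 on a non-default port is not missed; the same path on another host is not flagged, since Stealc gate paths are per-build and the path alone is a weak indicator.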
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Modify Authentication Process: 1
Steal Web Session Cookie: 1
Unsecured Credentials: 1
Credentials In Files: 1