General
Target: f299a21673da1c7f3884cda4855d5177.exe
Size: 634KB
Sample: 241101-pwq79aypgy
MD5: f299a21673da1c7f3884cda4855d5177
SHA1: eb72ff743adb3f39e90e27684594b81c6cb7032d
SHA256: 6094e2400b66c9d53bdd5f0de67d37705207af0283d00d531105ce0fee86f25b
SHA512: 706a71cc55bd25b05ba5e6c097584636e56045b59ce3cf2e75fc87060770739bc5e4d35a189346fc1e604d6708a72765fd012bb0e3be604e6db45248df8071ea
SSDEEP: 12288:vO0xCZjcMm39RYRosPzxxzFebqCp1KycMxymsraCZrBO:Lx8wM0RYBZFk/77cMZstBO
Static task: static1
Behavioral task: behavioral1
  Sample: f299a21673da1c7f3884cda4855d5177.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: f299a21673da1c7f3884cda4855d5177.exe
  Resource: win10v2004-20241007-en
Malware Config
Extracted: stealc
LogsDiller
http://95.215.207.176
url_path: /d8ddb681db736e16.php
Targets
Target: f299a21673da1c7f3884cda4855d5177.exe
Stealc family
Uses browser remote debugging: Can be used to control the browser and steal sensitive information such as credentials and session cookies.
Loads dropped DLL
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
MITRE ATT&CK Enterprise v15
Credential Access
  Credentials from Password Stores: 1
    Credentials from Web Browsers: 1
  Modify Authentication Process: 1
  Steal Web Session Cookie: 1
  Unsecured Credentials: 1
    Credentials In Files: 1