General

  • Target

    c10f3851019766dbe669b6e5f82343c6ffdeb2c5271aa334e3303c2499b5effa.exe

  • Size

    204KB

  • Sample

    241107-rnfgwstflm

  • MD5

    d471f2415ef8f624a27ac8ef1a793a56

  • SHA1

    b984a1fcb75a3effd8f65765cd25c39ea4943477

  • SHA256

    c10f3851019766dbe669b6e5f82343c6ffdeb2c5271aa334e3303c2499b5effa

  • SHA512

    fb7eabd498ac25ae9c7bed9003c2e9d94d46942414b70cafb16eb0b47f3042cb44753663f343dc29a7f4e40f846bcac6f745f1e94c714f3d5ff3b522e547fc75

  • SSDEEP

    3072:8mDKW1LgppLRHMY0TBfJvjcTp5XZsbx2OwclP+yRp9FO:8mDKW1Lgbdl0TBBvjc/ZKw5qpG

Malware Config

Targets

    • Target

      c10f3851019766dbe669b6e5f82343c6ffdeb2c5271aa334e3303c2499b5effa.exe

    • Size

      204KB

    • MD5

      d471f2415ef8f624a27ac8ef1a793a56

    • SHA1

      b984a1fcb75a3effd8f65765cd25c39ea4943477

    • SHA256

      c10f3851019766dbe669b6e5f82343c6ffdeb2c5271aa334e3303c2499b5effa

    • SHA512

      fb7eabd498ac25ae9c7bed9003c2e9d94d46942414b70cafb16eb0b47f3042cb44753663f343dc29a7f4e40f846bcac6f745f1e94c714f3d5ff3b522e547fc75

    • SSDEEP

      3072:8mDKW1LgppLRHMY0TBfJvjcTp5XZsbx2OwclP+yRp9FO:8mDKW1Lgbdl0TBBvjc/ZKw5qpG

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks