General

  • Target: 0c0bfb4ba1896d85fed3fc5995cb7adea8a0a036a632ccccb25e3fb3373b37a6
  • Size: 158KB
  • Sample: 241116-pxycyswkdz
  • MD5: cecfaded34322bf4a0a479cc89e782f7
  • SHA1: bbc3e0835e38596d8759d5bc5c0299d5612ee711
  • SHA256: 0c0bfb4ba1896d85fed3fc5995cb7adea8a0a036a632ccccb25e3fb3373b37a6
  • SHA512: 9cc38363075440fa606dd395095d1bd7f4a9a5345be8bdcd431b2cb553c251963d916f0f3ee1a847caccc24ff121d5e26ae88b90f0a8f8234a1cd8606d279390
  • SSDEEP: 3072:45eDtWZSDvIK74PhITUNvI8NFSqC3w3T9byyCkfo6:j45Nw83lfz

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP address.
