General

  • Target

    ecfa23f37c15105635b10d8483c47a74e42269bfd40d67aaecc99829b577e0d0.exe

  • Size

    123KB

  • Sample

    241116-rv6mnaybmp

  • MD5

    fd8c5d7b0ba89478b2f584607472519d

  • SHA1

    c13228905164cf243cc57766816063ce3139eeb8

  • SHA256

    ecfa23f37c15105635b10d8483c47a74e42269bfd40d67aaecc99829b577e0d0

  • SHA512

    2350aa6793540da91cc4fc76ae8a92d4105aa8ad7beb01038c7c4f9c844697ea5d6655e9fb1a118648db98ebc5954b2fc9feb052f161e0a54508114e004d0b3b

  • SSDEEP

    3072:DaRYs5x8srmjKtswjxQn9jzVtGlEjqZ4x/1QOEp3jh:Rsssz1Q9jzVtGlEjqZ4xt

Malware Config

Targets

    • Target

      ecfa23f37c15105635b10d8483c47a74e42269bfd40d67aaecc99829b577e0d0.exe

    • Size

      123KB

    • MD5

      fd8c5d7b0ba89478b2f584607472519d

    • SHA1

      c13228905164cf243cc57766816063ce3139eeb8

    • SHA256

      ecfa23f37c15105635b10d8483c47a74e42269bfd40d67aaecc99829b577e0d0

    • SHA512

      2350aa6793540da91cc4fc76ae8a92d4105aa8ad7beb01038c7c4f9c844697ea5d6655e9fb1a118648db98ebc5954b2fc9feb052f161e0a54508114e004d0b3b

    • SSDEEP

      3072:DaRYs5x8srmjKtswjxQn9jzVtGlEjqZ4x/1QOEp3jh:Rsssz1Q9jzVtGlEjqZ4xt

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks