General

  • Target

    f33a0556ba844ec2745fceff565bdacaf0b26412b940dbf19b4ca97013057842.exe

  • Size

    1.8MB

  • Sample

    241116-sa83qaydjq

  • MD5

    5526f8b855b92a67fbdfa72a46efbe28

  • SHA1

    593100b5694703f31613adbc6f8ccecfc1950a45

  • SHA256

    f33a0556ba844ec2745fceff565bdacaf0b26412b940dbf19b4ca97013057842

  • SHA512

    deb34b0a60300516dcf2806a4a9201e4205703bca27f563013c49c3a711c442f1876b719901cd2c634b0f1b9760bdba970456b852335e36dda17a81960c80b90

  • SSDEEP

    24576:APgPjwrmemcbk5ehMEP6h0lhSMXlzuRfqYc4w79fmCKFTN:mUNmk5ejuncdf

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks