General
-
Target
f50ca37fd6812eed8aa1f7ba53d1b22d3f0a4bf56fd3699e6aa065824d5f0761.exe
-
Size
394KB
-
Sample
241121-hvdr7stqfj
-
MD5
53d90dbc796d3cffef038539cd60ea74
-
SHA1
af874b03f6942b612717afd4336c1b389903677d
-
SHA256
f50ca37fd6812eed8aa1f7ba53d1b22d3f0a4bf56fd3699e6aa065824d5f0761
-
SHA512
be586502c68bf86a2b69d9ff51bcd84196a977fb6d5252afeca824e9826e6e25147f3494ff5e477985479781acb781a6ffee57471e06126a9ebf4e7698bfde3f
-
SSDEEP
6144:IpMM6Vg/fQXAVu1a/fId1E6dqi4py5WCNCxv:XyhEa/f6Ey1Kv
Malware Config
Targets
-
-
Target
f50ca37fd6812eed8aa1f7ba53d1b22d3f0a4bf56fd3699e6aa065824d5f0761.exe
-
Size
394KB
-
MD5
53d90dbc796d3cffef038539cd60ea74
-
SHA1
af874b03f6942b612717afd4336c1b389903677d
-
SHA256
f50ca37fd6812eed8aa1f7ba53d1b22d3f0a4bf56fd3699e6aa065824d5f0761
-
SHA512
be586502c68bf86a2b69d9ff51bcd84196a977fb6d5252afeca824e9826e6e25147f3494ff5e477985479781acb781a6ffee57471e06126a9ebf4e7698bfde3f
-
SSDEEP
6144:IpMM6Vg/fQXAVu1a/fId1E6dqi4py5WCNCxv:XyhEa/f6Ey1Kv
Score8/10-
Contacts a large (1046) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1