General
-
Target
cbf539751e6ef7624de831aae2f1855870b11b47b15572536749349f65e9f5c7.exe
-
Size
472KB
-
Sample
241121-ntcfmswnbp
-
MD5
d133cbea72078419724b6f11cc0e36f7
-
SHA1
2b2b850902e51f39d76c5a032b431e3ed675e5e3
-
SHA256
cbf539751e6ef7624de831aae2f1855870b11b47b15572536749349f65e9f5c7
-
SHA512
c77c247c2502be6aea421153f57939b8cd89f69c7143f97d399dbc626746126340d4713906da5a12e0541635da122d9bf804f85b76b56a50ef2436a51907dda2
-
SSDEEP
6144:ppMMVVbsmffCpJipqLXRTvczBZBH6wGFzfw3DThRtUA7c50M5iDcp/h8CAM:UtmfaXioLXpUzPBaws7w3vV5KV5iDZM
Malware Config
Targets
-
-
Target
cbf539751e6ef7624de831aae2f1855870b11b47b15572536749349f65e9f5c7.exe
-
Size
472KB
-
MD5
d133cbea72078419724b6f11cc0e36f7
-
SHA1
2b2b850902e51f39d76c5a032b431e3ed675e5e3
-
SHA256
cbf539751e6ef7624de831aae2f1855870b11b47b15572536749349f65e9f5c7
-
SHA512
c77c247c2502be6aea421153f57939b8cd89f69c7143f97d399dbc626746126340d4713906da5a12e0541635da122d9bf804f85b76b56a50ef2436a51907dda2
-
SSDEEP
6144:ppMMVVbsmffCpJipqLXRTvczBZBH6wGFzfw3DThRtUA7c50M5iDcp/h8CAM:UtmfaXioLXpUzPBaws7w3vV5KV5iDZM
Score8/10-
Contacts a large (966) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1