General

  • Target: 000.exe

  • Size: 21.9MB

  • Sample: 241130-vzrabazkfs

  • MD5: 299af1f7eb2b84ffcd7ab0e8f40c9c04

  • SHA1: 7b709261e1efe4a5e5d2d2ddfb17f69ec7fd2bc4

  • SHA256: dbb853669067d2959ad752b38451de8ba607714a67c045f09da7adad00e5157c

  • SHA512: c83a6db9e1ecc3e74f5e037d51e1178e2d1388eae106e7b66836bd182c94899c8e544188043254a773bcf08b7d45c3d90764f9278c348733afc7130cc146aa1b

  • SSDEEP: 393216:pqPnLFXlrV7mH1y2DOxQMDOETgsPfGEHgBkevE4LxIqVjFQJiRm:gPLFXNZmH1y2OQRExOkXkIqVjF6

Malware Config

Targets

    • Target: 000.exe (same sample as listed under General above)

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks