General

  • Target

    main.exe

  • Size

    24.2MB

  • Sample

    241204-265vlswmay

  • MD5

    d4deba339c060fb46ed3d55c5c448f25

  • SHA1

    ead1d646b0150cc3872eab8d53edbcecbdd7e672

  • SHA256

    846a19243d1b39b9c356ec9477878fba8647aa00f3800533ea07e3ceab48d793

  • SHA512

    cd9d161d6560ffac89c809d84e0d399dcbe3392db0298f286f05a0e0c33a1f2ee9e63c49720de32df4de634b27e4d6a4dbbf9c836c8c6b8da4950f561e20f412

  • SSDEEP

    393216:cqPnLFXlrrMYoDQTiDOETgsvcG0VgOtg4HpMpD8aCmmdA7mPrs:NPLFXNrNoDQTTE0BtgftTR7b

Malware Config

Targets

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
