General

  • Target

    Spoofer v2.exe

  • Size

    10.5MB

  • Sample

    250115-1mrcfawkgy

  • MD5

    b8f7d5832caa0bc81948099ca0060a2a

  • SHA1

    2aa4972f340c0e09096e02210a8dced8c3e52294

  • SHA256

    5f43fe087f9d7380bb978cd843a1aa8e4bdf3e5d527c0398dcc4cc552058503f

  • SHA512

    9451ff4d843bc4fc802393dde8299696b4a219a247ffc40de717428d33ed0df6b1fddfd8e2b752ac157c55a88e576108d21c8e7e70f04654a4d33c84a3999827

  • SSDEEP

    196608:66OpjmEHa0Iwq3OQos23SlaDfyGgJwBdnpkYRM+8iaaS2:Wa0Iwq3Obs2ClaDfDgJc69KZ

Malware Config

Targets

    • Target

      Spoofer v2.exe

    • Size

      10.5MB

    • MD5

      b8f7d5832caa0bc81948099ca0060a2a

    • SHA1

      2aa4972f340c0e09096e02210a8dced8c3e52294

    • SHA256

      5f43fe087f9d7380bb978cd843a1aa8e4bdf3e5d527c0398dcc4cc552058503f

    • SHA512

      9451ff4d843bc4fc802393dde8299696b4a219a247ffc40de717428d33ed0df6b1fddfd8e2b752ac157c55a88e576108d21c8e7e70f04654a4d33c84a3999827

    • SSDEEP

      196608:66OpjmEHa0Iwq3OQos23SlaDfyGgJwBdnpkYRM+8iaaS2:Wa0Iwq3Obs2ClaDfDgJc69KZ

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks