General

  • Target

    vgg spoofer.exe

  • Size

    1.2MB

  • Sample

    250120-pqa9vayqct

  • MD5

    edf1d1bcde5f2cd0d5589b3b733c4655

  • SHA1

    79594ecbacae74ecfafb5f2d69f25daeab4ce117

  • SHA256

    11a1d547318d1d736d7d92b9d9235717c274d368c57924e225ab30f0ce0008b8

  • SHA512

    a449286844107fea613eaaede89447336d1b6ba9a994e269f0cfffbbb010c49e90b271431d7ef171102602fda939a80e1b080072bc777909eaad39bbc67bbeba

  • SSDEEP

    24576:HRSkdifa+7k7wsAKaBApkF77RptGgjjsrdcAONdA22xVK8LRPo4WDD9/wr9WjvWp:I6iC+eAKrqLnXvW
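The digests above are the report's only indicators for this sample, and a practitioner's first use of them is to sweep a file share or triage directory for the same binary. The following is an added example written for this page, not tooling from the sandbox: it checks that the listed digests are well-formed hex of the right length, hashes every file with all four algorithms in a single pass, and reports which indicators matched. The function and variable names are the example's own; the SSDEEP fuzzy hash is not compared because that needs a non-standard library.

```python
import hashlib
import os
from pathlib import Path

# Indicators copied from the report above for "vgg spoofer.exe".
IOC_HASHES = {
    "md5": "edf1d1bcde5f2cd0d5589b3b733c4655",
    "sha1": "79594ecbacae74ecfafb5f2d69f25daeab4ce117",
    "sha256": "11a1d547318d1d736d7d92b9d9235717c274d368c57924e225ab30f0ce0008b8",
    "sha512": (
        "a449286844107fea613eaaede89447336d1b6ba9a994e269f0cfffbbb010c49e"
        "90b271431d7ef171102602fda939a80e1b080072bc777909eaad39bbc67bbeba"
    ),
}

# Hex length of each digest; a typo in an indicator shows up here before any scan.
EXPECTED_HEX_LENGTH = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_iocs(iocs):
    """Return a list of problems found in an indicator table (empty when well-formed)."""
    problems = []
    for algo, digest in iocs.items():
        if algo not in EXPECTED_HEX_LENGTH:
            problems.append(f"{algo}: unsupported algorithm")
            continue
        if len(digest) != EXPECTED_HEX_LENGTH[algo]:
            problems.append(f"{algo}: expected {EXPECTED_HEX_LENGTH[algo]} hex chars, got {len(digest)}")
        try:
            bytes.fromhex(digest)
        except ValueError:
            problems.append(f"{algo}: not hexadecimal")
    return problems


def _new_hashers():
    return {algo: hashlib.new(algo) for algo in EXPECTED_HEX_LENGTH}


def digest_bytes(data):
    """Hash an in-memory buffer with all four algorithms; returns {algo: hexdigest}."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def digest_file(path, chunk_size=1 << 20):
    """Hash a file with all four algorithms in one read pass; returns {algo: hexdigest}."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(digests, iocs=IOC_HASHES):
    """Return the set of algorithms whose computed digest equals the indicator."""
    return {algo for algo, hexd in digests.items() if iocs.get(algo, "").lower() == hexd}


def scan_directory(root, iocs=IOC_HASHES):
    """Walk root and return {path: matched_algorithms} for files hitting any indicator."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = Path(dirpath) / name
            try:
                matched = match_iocs(digest_file(path), iocs)
            except OSError:
                continue  # unreadable or vanished file; skip rather than abort the sweep
            if matched:
                hits[str(path)] = matched
    return hits


if __name__ == "__main__":
    import sys
    problems = validate_iocs(IOC_HASHES)
    if problems:
        sys.exit("bad indicator table: " + "; ".join(problems))
    for path, algos in scan_directory(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"{path}: matches {', '.join(sorted(algos))}")
```

A file that hits on only one of the four algorithms is worth a second look rather than an automatic verdict: all four digests were computed over the same bytes in the sandbox, so a genuine copy of this sample matches every one of them.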

Malware Config

Targets

    • Target

      vgg spoofer.exe

    • Credentials from Password Stores: Windows Credential Manager (ATT&CK T1555.004)

      Suspicious access to Credentials History.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks