General

  • Target

    2820-1402-0x0000000000400000-0x000000000045F000-memory.dmp

  • Size

    380KB

  • Sample

    250507-sbvlqack2y

  • MD5

    fab4d0e3c82b8d2c9d52813b730d6550

  • SHA1

    a78dc053a44976dce7604c2547c18142f43b88c8

  • SHA256

    6d1a638ffec2e3f5d41c03086023a38a818ddda215228564d758f5d20dc8532c

  • SHA512

    482fd6c373a85144a4185e87c18ce7d24cebed17627bc28c73194a6d1894c763729f800f8826d96a536c5b67373208c87796e1763301866c827f47913ca7e01e

  • SSDEEP

    6144:ug8d1/w5KA81IJ8GpF6nuTmOOUZzEyIoiPsdux9y+r0TyQlg8p0DMuFCo:QjYKkJj6GmZUyyBFM9y+rUyQlEMg

Targets

    • Target

      2820-1402-0x0000000000400000-0x000000000045F000-memory.dmp

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.
