General

  • Target

    P.O_310006132800154200.scr

  • Size

    426KB

  • Sample

    200630-sgrm9crkp6

  • MD5

    10edd461dae11be49d9c73cf57081b78

  • SHA1

    beeeee39d7496d6076b4aeb869acf70355b6b404

  • SHA256

    be6a3c4a0636cf4d05cdc8a58a42221d4e6358460d8dd7a679aebeeafe254a06

  • SHA512

    639ef485afd33fd4bcc947c220ebdd218e1b02bf1ccc20340c5494bf298faa2d7ecb53087ffd671511b800602ed2dfe2d9b84cffd93251b7c5abc9f6a5329968
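The hashes above are the only identifiers a practitioner has for this sample, so the first step before any further analysis is to confirm that the file on disk is the one the report describes. The following script is an added example, not part of the sandbox report: it recomputes all four digests (streaming the file in chunks, so it also works on large samples) and reports which ones disagree with the report. The path argument and the constructed test input are assumptions for illustration only.

```python
import hashlib
import sys

# Hashes exactly as listed in the report for P.O_310006132800154200.scr.
REPORT_HASHES = {
    "md5": "10edd461dae11be49d9c73cf57081b78",
    "sha1": "beeeee39d7496d6076b4aeb869acf70355b6b404",
    "sha256": "be6a3c4a0636cf4d05cdc8a58a42221d4e6358460d8dd7a679aebeeafe254a06",
    "sha512": (
        "639ef485afd33fd4bcc947c220ebdd218e1b02bf1ccc20340c5494bf298faa2d"
        "7ecb53087ffd671511b800602ed2dfe2d9b84cffd93251b7c5abc9f6a5329968"
    ),
}


def compute_hashes(data):
    """Return {algo: hexdigest} for bytes or for an iterable of byte chunks.

    Feeding every hasher from the same chunk stream means the file is read
    once, which matters for multi-hundred-megabyte samples.
    """
    if isinstance(data, (bytes, bytearray)):
        data = [bytes(data)]
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in data:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def _iter_chunks(path, chunk_size=1024 * 1024):
    """Yield the file contents in chunk_size pieces (1 MiB by default)."""
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                return
            yield chunk


def hash_file(path):
    """Hash a file on disk with every algorithm the report lists."""
    return compute_hashes(_iter_chunks(path))


def compare_hashes(actual, expected):
    """Return {algo: True/False}; comparison is case-insensitive on hex."""
    return {
        name: actual.get(name, "").lower() == expected[name].lower()
        for name in expected
    }


def verify_sample(path, expected=REPORT_HASHES):
    """Return the list of algorithms whose digest does NOT match the report.

    An empty list means the file is the sample the report describes.
    """
    result = compare_hashes(hash_file(path), expected)
    return [name for name, ok in result.items() if not ok]


if __name__ == "__main__":
    # Usage (assumed invocation): python verify.py /path/to/P.O_310006132800154200.scr
    mismatches = verify_sample(sys.argv[1])
    if mismatches:
        print("MISMATCH on:", ", ".join(mismatches))
        sys.exit(1)
    print("all four digests match the report")
```

A single matching digest is not enough on its own: MD5 and SHA1 collisions are practical, so treat SHA256 (or SHA512) as the authoritative identifier and the weaker two only as convenience lookups for older threat-intel feeds.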

Score
7/10

Malware Config

Targets

    • Target

      P.O_310006132800154200.scr

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites another thread's register state. Legitimate debuggers use it, but loaders also use it to point the main thread of a suspended child process at injected code (process hollowing / thread hijacking), so the call is only suspicious in combination with a suspended process creation, a remote memory write and a later ResumeThread.
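To show why the sandbox only rates SetThreadContext as "suspicious" rather than malicious outright, here is an added example (not part of the report or the sandbox's own signature code) that scores an API-call trace the way a hollowing detector would: it only fires when one caller creates a process suspended, writes into it, calls SetThreadContext on that process's initial thread and then resumes it, in that order. The trace below is constructed for the example; the handle and id values in it are assumptions, and no API sequence for this particular sample is claimed.

```python
CREATE_SUSPENDED = 0x00000004
WRITE_APIS = {"WriteProcessMemory", "NtWriteVirtualMemory"}
# Stages that must all appear, in this order, for one (caller, child) pair.
REQUIRED = ("create_suspended", "remote_write", "set_thread_context", "resume_thread")

# Constructed sandbox-style trace of (caller_pid, api, args). pid 100 performs
# a textbook hollowing of a suspended child; pid 300 is a benign
# GetThreadContext/SetThreadContext pair with no suspended child or remote
# write, which should NOT produce a finding.
SAMPLE_TRACE = [
    (100, "CreateProcessW", {"lpApplicationName": "C:\\Windows\\System32\\svchost.exe",
                             "dwCreationFlags": CREATE_SUSPENDED,
                             "dwProcessId": 200, "dwThreadId": 201}),
    (100, "NtUnmapViewOfSection", {"ProcessHandle": 200}),   # optional; not required below
    (100, "VirtualAllocEx", {"hProcess": 200}),               # not required either
    (100, "WriteProcessMemory", {"hProcess": 200}),
    (100, "SetThreadContext", {"hThread": 201}),
    (100, "ResumeThread", {"hThread": 201}),
    (300, "GetThreadContext", {"hThread": 301}),
    (300, "SetThreadContext", {"hThread": 301}),
]


def _in_order(stages):
    """True if every REQUIRED stage occurs, in sequence, in the stage list."""
    pos = -1
    for req in REQUIRED:
        try:
            pos = stages.index(req, pos + 1)
        except ValueError:
            return False
    return True


def detect_hollowing(trace):
    """Return one finding per (caller, child) pair that completes REQUIRED.

    Handles are matched to the ids returned by CreateProcess; the trace is
    assumed to use the same numeric values for handle and id, as sandbox
    traces commonly normalise them.
    """
    children = {}      # (caller_pid, child_pid) -> {"thread": tid, "stages": [...]}
    thread_owner = {}  # child main-thread id -> (caller_pid, child_pid)
    findings = []
    for caller, api, args in trace:
        stage, key = None, None
        if api in ("CreateProcessW", "CreateProcessA") and \
                args.get("dwCreationFlags", 0) & CREATE_SUSPENDED:
            key = (caller, args["dwProcessId"])
            children[key] = {"thread": args["dwThreadId"], "stages": []}
            thread_owner[args["dwThreadId"]] = key
            stage = "create_suspended"
        elif api in WRITE_APIS:
            key, stage = (caller, args.get("hProcess")), "remote_write"
        elif api == "SetThreadContext":
            key, stage = thread_owner.get(args.get("hThread")), "set_thread_context"
        elif api == "ResumeThread":
            key, stage = thread_owner.get(args.get("hThread")), "resume_thread"
        # Ignore calls that do not touch a suspended child created by this caller.
        if stage is None or key is None or key[0] != caller or key not in children:
            continue
        state = children[key]
        state["stages"].append(stage)
        if stage == "resume_thread" and _in_order(state["stages"]):
            findings.append({"source_pid": caller, "target_pid": key[1],
                             "stages": list(state["stages"])})
    return findings


if __name__ == "__main__":
    for f in detect_hollowing(SAMPLE_TRACE):
        print(f"pid {f['source_pid']} hollowed pid {f['target_pid']}: {' -> '.join(f['stages'])}")
```

The lone SetThreadContext from pid 300 produces nothing, which is the point: a detection keyed on the single API call would flag every debugger and many legitimate runtimes, whereas the ordered sequence is specific to injection.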

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic              Technique                Matched signatures   ID
Credential Access   Credentials in Files     2                    T1081
Collection          Data from Local System   2                    T1005

The technique IDs follow ATT&CK v6, which is the version this report was generated against. T1081 (Credentials in Files) has since been retired and the same behaviour is catalogued as T1552.001 (Unsecured Credentials: Credentials In Files) in current ATT&CK releases; T1005 is unchanged. Map the IDs before correlating with detections written against a newer matrix.
