General

  • Target

    SOA JUNE.exe

  • Size

    423KB

  • Sample

    200630-tg6xsnwz8e

  • MD5

    2bd2c679db169a9fa222a6a441c4175c

  • SHA1

    d3f60828a53659af7f321eb7aa2514e5b8301dfd

  • SHA256

    5ffa79381d00485627b0ff787fc42dd88d2d6ecff3ee3d4007733d4ec2bf69db

  • SHA512

    57dcbfd1a2467a40268d5e1d40d587f32565fd1a3bfd8eb091f45ca8fc5ed89e3e09ef2bdc2de1ead41e2e4e4539a40a0ce95b2877b981a0c521122d36d72ecd

Score
7/10

Malware Config

Targets

    • Target

      SOA JUNE.exe

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081), 2 signatures

  • Collection

    Data from Local System (T1005), 2 signatures

Tasks