General

  • Target

    acl firewall.rtf

  • Size

    1KB

  • Sample

    201121-19pdjr5wle

  • MD5

    a96fcc8367b78ab708a23e2426c2978d

  • SHA1

    5ad78c8ac5767a1d9687136dab8c966af5191bf6

  • SHA256

    0b96038a6be8251415277d6649e9c2393825379c16ef81c44c12bf0a14f48640

  • SHA512

    89becca4ea3c050827a86a299034126efa27d98b0705619a5eabb7ea7b67e22baff78731b7ba2e7f70623e5e3f64dc58fce6c02b6f44b25c241d6c26858334f2

Score
7/10

Malware Config

Targets

    • Target

      acl firewall.rtf

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic              Technique                      Count  ID
Defense Evasion     Modify Registry                1      T1112
Credential Access   Credentials in Files           1      T1081
Discovery           Query Registry                 2      T1012
Discovery           System Information Discovery   2      T1082
Collection          Data from Local System         1      T1005

Tasks