AutoIt Credential Flusher
Tags
attack-pattern: Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID 539979cb-8d18-433a-99cd-67e9948507cb
Fingerprint b3ecca960e2f6606
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 11, 2024, midnight
Added to db Sept. 12, 2024, 6:16 a.m.
Last updated Nov. 14, 2024, 2:04 p.m.
Headline AutoIt Credential Flusher
Title AutoIt Credential Flusher
Detected Hints/Tags/Attributes 16/1/16
Source URLs
Redirection Url
Details Source https://research.openanalysis.net/credflusher/kiosk/stealer/stealc/amadey/autoit/2024/09/11/cred-flusher.html
URL Provider
Details Provider Source level domain
Details openanalysis.net research.openanalysis.net
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 207 OALABS Research https://research.openanalysis.net/feed.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 8 
random.exe
Details File 128 
msedge.exe
Details File 1 
c:\program files\microsoft\edge\application\msedge.exe
Details File 271 
chrome.exe
Details File 52 
c:\program files\google\chrome\application\chrome.exe
Details File 9 
c:\program files\bravesoftware\brave-browser\application\brave.exe
Details File 15 
brave.exe
Details sha256 2 
b119eb3e182224d5399b12f7f106ffd27a0f12dd418a64aa23425000adbc44de
Details sha256 2 
53aeb2fd2ee3a30d29afce4d852e4b33e96b0c473240691d6d63796caa3016f2
Details sha256 3 
78f4bcd5439f72e13af6e96ac3722fee9e5373dae844da088226158c9e81a078
Details sha256 2 
0ec952da5d48ceb59202823d7549139eb024b55d93c2eaf98ca6fa99210b4608
Details sha256 2 
99e3eaac03d77c6b24ebd5a17326ba051788d58f1f1d4aa6871310419a85d8af
Details IPv4 3 
31.41.244.11
Details Url 2 
http://31.41.244.11/steam/random.exe
Details Url 2 
http://31.41.244.11/well/random.exe
Details Url 3 
https://accounts.google.com/servicelogin?service=accountsettings&continue=https://myaccount.google.com/signinoptions/password