General

  • Target

    Parpack S.A.exe

  • Size

    611KB

  • Sample

    200707-pd3hyye3ma

  • MD5

    ed04b51ebb84647385acfcb066ff8ce1

  • SHA1

    fe2b40b2bfe4e92a8658895e9c571e02d0b90b2a

  • SHA256

    b73caeffe98a9035eefe1465bf9c883f306372f8b4ca2d18973fc18277781363

  • SHA512

    d6ded25b3e61f0b34fad695cc719d44168f3b3d0a0b82ca3e5ef2ee14f393c2fa0117239a51886e006ffc064609c0021cb10064de520b8a1ca03b719011bedb9

Malware Config

Targets

    • Adds Run entry to policy to start application

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks