General

  • Target

    Stealer.exe

  • Size

    2.0MB

  • Sample

    210210-wgyfd9zf7x

  • MD5

    054c44a6e8cecca202cafb0810dd0715

  • SHA1

    41346cfb2945a993afce18f68f8de1ce76008e1b

  • SHA256

    3face654f8b468fa5b820aed7c8fead522bf6b3604a76758ce75bfa250238e52

  • SHA512

    d74cffa8585e935d3947951315b4d4fc41e6f4eac1721c19f2cadb5ca472a7c832eaf92b65be9ab4c35c7aafb2bf9490849ade3f1c07ee59822b05f94d1ecddf

Targets

    • Parasite, Nexus

      Parasite (or Nexus) is an infostealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates physical storage devices

      Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
