General

  • Target

    5157605471322112.zip

  • Size

    1.1MB

  • Sample

    210719-f7mkxfenz6

  • MD5

    16c231f5b0664175f25268d1e509784f

  • SHA1

    2683d100e067d1f369dc477ef1052faff598ec04

  • SHA256

    dd11f056da66ed26d16d61b87829452fa5e22d4171f6c2c08e9253ee133f5b0f

  • SHA512

    0b3e3838545e8fdee204f7ce7072be476ea605a08c15211cb4c08ba1ad11c2269f5900c9c62f0c8bfd8ee4866187336f3ccac65539b0c27c58f638dc98b008bb

Targets

    • Target

      86c40f517eee653a9311e767b03564b93b4313df19f34fb2a8ddb441620fa22e

    • Size

      2.0MB

    • MD5

      728da4882f5abb4f61a6219ebf1eda81

    • SHA1

      65c5d1bd09c7298a86eb425b976d22a3073f70f1

    • SHA256

      86c40f517eee653a9311e767b03564b93b4313df19f34fb2a8ddb441620fa22e

    • SHA512

      92a471a1f334b1d45e85aec53cb8e803237a45d3537f78faa8a521c6ae25df1fe5c8840b941461e6a6c0b4ab3eec74a099f166c3a7d2d3b0e0f572c34209dc53

    • Parasite, Nexus

      Parasite (or Nexus) is an infostealer written in C++.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
