General

  • Target

    7e322758fde5bcf3d7929ca4df931514376be80a73eb64eef7db378e0cc0d4cc

  • Size

    568KB

  • Sample

    220415-gks9gagfcq

  • MD5

    a04e3ee9cb2acac19938a07d3baff511

  • SHA1

    faecd33c4243d60dd3f2f1c9762cad86c580167f

  • SHA256

    7e322758fde5bcf3d7929ca4df931514376be80a73eb64eef7db378e0cc0d4cc

  • SHA512

    68fe12990abcef919be6abd36829ee002b82b94be57242eb33b0eb107d6d093f31db2e01556609af0fca9f0af01c7e8ae3a5e77794bd1144b0e9e69c2a71e9a1

Targets

    Score
    10/10
    • Meta Stealer

      Meta Stealer, written in C++, steals passwords stored in browsers.

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Executes dropped EXE

    • Loads dropped DLL
