General

  • Target

    Setup_WinThruster_2022.exe

  • Size

    6.2MB

  • Sample

    220708-faj3dabha7

  • MD5

    3a7e7ea1cf919179c78d9c1984954703

  • SHA1

    e31ad15a0da3eb8da66cf41f7c867e5321a112ef

  • SHA256

    6ff7aedc498bef729553eafea78e4a5d498d52837f45c7c188d51cfaab10c2f9

  • SHA512

    c49c7c9fc88370ed88880bc2dcd2d24f611f2b96ebf9749600e7edfe563f06c8c3686a3fb6a4fa33ee9ade61ca8f79ba5a3372cfa2dcefad4a02af80687d46e2

Malware Config

Targets

    • Target

      Setup_WinThruster_2022.exe

    • Size

      6.2MB

    • MD5

      3a7e7ea1cf919179c78d9c1984954703

    • SHA1

      e31ad15a0da3eb8da66cf41f7c867e5321a112ef

    • SHA256

      6ff7aedc498bef729553eafea78e4a5d498d52837f45c7c188d51cfaab10c2f9

    • SHA512

      c49c7c9fc88370ed88880bc2dcd2d24f611f2b96ebf9749600e7edfe563f06c8c3686a3fb6a4fa33ee9ade61ca8f79ba5a3372cfa2dcefad4a02af80687d46e2

    • Executes dropped EXE

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks