General

  • Target

    49c8e9de0cd4f85c779359d147851c00868bf0df907f325b4c7e5c905da7b786

  • Size

    462KB

  • Sample

    221002-13tgqscge8

  • MD5

    07909869be577192e3339cce43dfd38d

  • SHA1

    18589eb66e28a1f284e24ac90f12a02a980c2a03

  • SHA256

    49c8e9de0cd4f85c779359d147851c00868bf0df907f325b4c7e5c905da7b786

  • SHA512

    cc99b052395c56e1703f20326cbcbcfe95e0c73f9505fe6add999f915da8d5299bc5cf1bd6fbe5ebef3e122ec0e865f94ee62ead8903c43916c8f963a97828b3

  • SSDEEP

    12288:X6jZEVGUQK+DAluyZGR4wXPQnnikRgwiopf:aUQmAyZY4yotG2f

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks