General

  • Target

    2e489df275044b8fad7aad105509c3a647eb711609af5aedcea0550427da0fc5

  • Size

    313KB

  • Sample

    221020-lgn8kaffh6

  • MD5

    7c1687085f0717e76f9566737ce33ff4

  • SHA1

    6c73bd474709d776158a488088e7724d7375cab1

  • SHA256

    2e489df275044b8fad7aad105509c3a647eb711609af5aedcea0550427da0fc5

  • SHA512

    dc8f186565b0d3bd58e5c9daac417a2e80abb643944011fe59e3d0864d4557489a30a1d0e82dee3408e4bd1e2722048fa6a785a4fd3e9661b2c38eaa9a9c686f

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4sAdOooSg3UQWLgdeoLpFsl:91OgLda4cls0nl

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile contents.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.
