General

  • Target

    7c0675ab03c72efdae89b23f6ce1e8bd3972e0bea769be246baf2e86e24b26a4

  • Size

    31KB

  • Sample

    221123-szpqdacf53

  • MD5

    35974bffb685ec30a23e6cd55f1d5fda

  • SHA1

    e1ea58b98656795a3bdac8473a2479928061fd1a

  • SHA256

    7c0675ab03c72efdae89b23f6ce1e8bd3972e0bea769be246baf2e86e24b26a4

  • SHA512

    08aa1c8c2dd54c044a6abe2b0fb02f3d210b55453f26f388a410c7cc45df853bc303af02c2849fd89fef47b7c784e20d97a1b3e702e582ed93142472bbcc3f76

  • SSDEEP

    768:biliAnUQYkYKzqbjC5RqHjrYReyZx+l0oKriCPRDL:MSsz6jGeyZx+l0TR

Malware Config

Targets

    • Target

      7c0675ab03c72efdae89b23f6ce1e8bd3972e0bea769be246baf2e86e24b26a4

    • Size

      31KB

    • MD5

      35974bffb685ec30a23e6cd55f1d5fda

    • SHA1

      e1ea58b98656795a3bdac8473a2479928061fd1a

    • SHA256

      7c0675ab03c72efdae89b23f6ce1e8bd3972e0bea769be246baf2e86e24b26a4

    • SHA512

      08aa1c8c2dd54c044a6abe2b0fb02f3d210b55453f26f388a410c7cc45df853bc303af02c2849fd89fef47b7c784e20d97a1b3e702e582ed93142472bbcc3f76

    • SSDEEP

      768:biliAnUQYkYKzqbjC5RqHjrYReyZx+l0oKriCPRDL:MSsz6jGeyZx+l0TR

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks