General

  • Target

    6fa4f3e23f858ef5e8cb43d4e42e99a3724f04d8df5b1cbcc91fdc6931b5cb64

  • Size

    2.1MB

  • Sample

    221123-vef9lsgg82

  • MD5

    6d914ee59a55ae525fa9b5825cf4be89

  • SHA1

    6d10a0bfe8345466d8ddcbd2b5374a89a505a047

  • SHA256

    6fa4f3e23f858ef5e8cb43d4e42e99a3724f04d8df5b1cbcc91fdc6931b5cb64

  • SHA512

    9fde20d76050aff909970f8666b3359e6df06be42aca7858f689afbb0b623557e475aadf92db9aae5cb343bd6e7e65ccff7047985d48194a54553ec71429e06b

  • SSDEEP

    49152:h1OsMAxPqbaJ0CqWfTAeP20icuFMDoiXrBSdCIlE05XwjXr3g:h1OTAxib7CqWfTAeP2vaDhtSdpd

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks