General

  • Target

    24deb57137aea1117e73f8f8edea3b6572f94c4924e05c057e4cc78cb777cf47

  • Size

    268KB

  • Sample

    221124-j1tahsde3y

  • MD5

    e2e275413ad1246b9ac9de9d175f5103

  • SHA1

    dac9e13cf3289c7870da32a94e76e7bef34b945d

  • SHA256

    24deb57137aea1117e73f8f8edea3b6572f94c4924e05c057e4cc78cb777cf47

  • SHA512

    fbcc0ae533c53ea4e284b92c47a430b0e8d82fdeec8c080d51c4e71137cfa94d567c95e2f0f32c3e355088d03973d7fa08c4737b658a0a8f038bff0b0dc1d83d

  • SSDEEP

    6144:5s8ONkS3YNIHoZ8/gUC5gjvyGNmCW+zgaVjPcmSSaXfZH89rE:5s5NkS3YNIHs8/gUC5cvVj2vSaPt0rE

Malware Config

Targets

    • Target

      24deb57137aea1117e73f8f8edea3b6572f94c4924e05c057e4cc78cb777cf47

    • Size

      268KB

    • MD5

      e2e275413ad1246b9ac9de9d175f5103

    • SHA1

      dac9e13cf3289c7870da32a94e76e7bef34b945d

    • SHA256

      24deb57137aea1117e73f8f8edea3b6572f94c4924e05c057e4cc78cb777cf47

    • SHA512

      fbcc0ae533c53ea4e284b92c47a430b0e8d82fdeec8c080d51c4e71137cfa94d567c95e2f0f32c3e355088d03973d7fa08c4737b658a0a8f038bff0b0dc1d83d

    • SSDEEP

      6144:5s8ONkS3YNIHoZ8/gUC5gjvyGNmCW+zgaVjPcmSSaXfZH89rE:5s5NkS3YNIHs8/gUC5cvVj2vSaPt0rE

    • Executes dropped EXE

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v6

Tasks