General

  • Target

    8243aaceedaff918a90ad0079b232bd6ba3020897db3124d3fbae8d4bca4b270

  • Size

    930KB

  • Sample

    221124-jxx5asdc6t

  • MD5

    a751dbbb1273d64b51f2736dc944018b

  • SHA1

    e40fb9df4b8c18973800a128e5f717b2314e86c6

  • SHA256

    8243aaceedaff918a90ad0079b232bd6ba3020897db3124d3fbae8d4bca4b270

  • SHA512

    cf9db16281dc9c86160c4cee72dbe780d3b7aacb6e75868eb97d9beab16e72b0d9b48664f4e3f4b87ee2378bced4306fb227dcc8ffb4284721a21bc4bc57da03

  • SSDEEP

    24576:h1OYdaOcMWSUbvCXEQKSqGv8VWumF6RmcJozyPvpf4:h1OsCMWyUQ+GUVFIcHPvpf4

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory
