General

  • Target

    da4cd3e5e8238b5d65ae1111d9a0640ae04d50edab013ba21c76a44e5ffdb599

  • Size

    931KB

  • Sample

    221124-kbydlseb9t

  • MD5

    599061f9547b766bf305d1c8e013ea81

  • SHA1

    5dacafb5ec700aef81ce1e126c76448ebd64e577

  • SHA256

    da4cd3e5e8238b5d65ae1111d9a0640ae04d50edab013ba21c76a44e5ffdb599

  • SHA512

    41ff99c99c5a0b6ca816b955492cf4f570baaf8716e258254825e97a7d80093086a6466d1e62fd744f3d8ae3837bcce6b9ab2100f4982c53de9283fbbdff7d7a

  • SSDEEP

    24576:h1OYdaOaMWSUbvCXEQKSqGv8VWumF6RmcJozyPvpfA:h1OscMWyUQ+GUVFIcHPvpfA

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory
