General

  • Target

    ca918990eb349a4915c58287cc5f6c29612d330facd03fcd5a561dc7cb837110

  • Size

    920KB

  • Sample

    221124-xyg2csde59

  • MD5

    fedeedcd99f7aabfafee57760e2c27ee

  • SHA1

    3f9744b21c04a1f54c25df32a325a7e42a7baf95

  • SHA256

    ca918990eb349a4915c58287cc5f6c29612d330facd03fcd5a561dc7cb837110

  • SHA512

    a88d16ea17f222b0cae8d89815dcb651bab96d2ad7220c558211e3bccbbf9f7b34d3a6148e1a28d5404903be6812c0244a27ddff7280cf98d8c1d29177b8ac92

  • SSDEEP

    24576:h1OYdaO+MtdHAqcdDVhYwiei7+EpFAh/kK7:h1OsbPHVmVhYwiLtKkK7

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

    Tactic             Technique               Count  ID
    Credential Access  Credentials in Files    1      T1081
    Discovery          Query Registry          1      T1012
    Collection         Data from Local System  1      T1005

Tasks