General

  • Target

    c2426c126a4ce814a1761cfb7c038ed3cad7e1a94f1c95f8c23ad682cd26315e

  • Size

    931KB

  • Sample

    221124-ye5hzshf7x

  • MD5

    85c3be6c4d58e52a7b0bf20c8a4640aa

  • SHA1

    064c6c2f26ab031f0cb2536e6a940ffb4af382f1

  • SHA256

    c2426c126a4ce814a1761cfb7c038ed3cad7e1a94f1c95f8c23ad682cd26315e

  • SHA512

    aded11344949cf4208994775765be799d361f1e26bbaaf8b4f6ad01076fc37427ec25736b29f9e830050165222b64a25ca0c254e24c17f7b41c8718baa01a180

  • SSDEEP

    24576:h1OYdaObCZ/iWCvu/2sWsJA/jlt+DHhsT:h1OsNCpYO/dJJDHhsT

Malware Config

Targets

    • Target

      c2426c126a4ce814a1761cfb7c038ed3cad7e1a94f1c95f8c23ad682cd26315e

    • Size

      931KB

    • MD5

      85c3be6c4d58e52a7b0bf20c8a4640aa

    • SHA1

      064c6c2f26ab031f0cb2536e6a940ffb4af382f1

    • SHA256

      c2426c126a4ce814a1761cfb7c038ed3cad7e1a94f1c95f8c23ad682cd26315e

    • SHA512

      aded11344949cf4208994775765be799d361f1e26bbaaf8b4f6ad01076fc37427ec25736b29f9e830050165222b64a25ca0c254e24c17f7b41c8718baa01a180

    • SSDEEP

      24576:h1OYdaObCZ/iWCvu/2sWsJA/jlt+DHhsT:h1OsNCpYO/dJJDHhsT

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

Collection

Data from Local System

1
T1005

Tasks