General

  • Target

    c1851e556d73a718c21c0d3ab8a7cc1a99c4804a1a76c361475baf74639e6f47

  • Size

    931KB

  • Sample

    221124-ygncgshg7x

  • MD5

    d2253c8d9e251f4b32378fd65969af2e

  • SHA1

    272d4a9463f0252d7c8e7a923bb92c735c070642

  • SHA256

    c1851e556d73a718c21c0d3ab8a7cc1a99c4804a1a76c361475baf74639e6f47

  • SHA512

    370526f8a2a2e4c8db13100ea24dd7ae2d40c02c5466395c5881ca175d06e5a103369583bc38318f17c417a7b54b32bde1ee2a7a6019deac8c23449b559c1042

  • SSDEEP

    24576:h1OYdaOpCZ/iWCvu/2sWsJA/jlt+DHhsb:h1OsfCpYO/dJJDHhsb

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access: Credentials in Files (T1081), 1

  • Discovery: Query Registry (T1012), 1

  • Collection: Data from Local System (T1005), 1

Tasks