General

  • Target

    c0989dca0ce7394222f3b1dc3f3c587a1c396ac433b7b6feb2f6d7cc527cf93d

  • Size

    926KB

  • Sample

    221124-yh66zshh51

  • MD5

    8523a88737c43021b94a9f168ea90fce

  • SHA1

    7ef43561da6395b2625609ce4ad2acf0683a4b74

  • SHA256

    c0989dca0ce7394222f3b1dc3f3c587a1c396ac433b7b6feb2f6d7cc527cf93d

  • SHA512

    a079d1161c0995e8d92b1e0c5351aed2d6e32f936712cf1780c2a4fe8a1642d886a151d7a760f010594c8dccfdc5393a52ba707820507508687c634649d04779

  • SSDEEP

    24576:h1OYdaOGnQju5vMu6qN2FctIOBYXZBai3GBlgpKLe/7rx:h1OscQjO6HHzayGBe/7rx

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic              Technique                 Count  ID
  Credential Access   Credentials in Files      1      T1081
  Discovery           Query Registry            1      T1012
  Collection          Data from Local System    1      T1005

Tasks