General

  • Target

    a4e040804d17566ff7b1b41b51d15e6207e866ca1c586007237d42045217b3dc

  • Size

    931KB

  • Sample

    221124-z4ty8add9s

  • MD5

    6e6717c664e3f98bee42c4e03188d83d

  • SHA1

    b83be1abdd9ddd1ae7358ddb791f88f936d8904f

  • SHA256

    a4e040804d17566ff7b1b41b51d15e6207e866ca1c586007237d42045217b3dc

  • SHA512

    2e34281094e2ac536d515a9d2800aa0303d398e33f2174bc4594f9f6d80fe2d71bd0d26dc6cdf2f6d8e7347bbeaced01f9af37282a26c650435f6c773aa69e6a

  • SSDEEP

    24576:h1OYdaOeCZ/iWCvu/2sWsJA/jlt+DHhsX:h1OsQCpYO/dJJDHhsX

Malware Config

Targets

    • Target

      a4e040804d17566ff7b1b41b51d15e6207e866ca1c586007237d42045217b3dc

    • Size

      931KB

    • MD5

      6e6717c664e3f98bee42c4e03188d83d

    • SHA1

      b83be1abdd9ddd1ae7358ddb791f88f936d8904f

    • SHA256

      a4e040804d17566ff7b1b41b51d15e6207e866ca1c586007237d42045217b3dc

    • SHA512

      2e34281094e2ac536d515a9d2800aa0303d398e33f2174bc4594f9f6d80fe2d71bd0d26dc6cdf2f6d8e7347bbeaced01f9af37282a26c650435f6c773aa69e6a

    • SSDEEP

      24576:h1OYdaOeCZ/iWCvu/2sWsJA/jlt+DHhsX:h1OsQCpYO/dJJDHhsX

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks