General

  • Target

    e6151c90ba270e362b12164d0a6ba631174eae52c19559f1a27afd4fcc53d253

  • Size

    2.1MB

  • Sample

    221125-qsgebabc28

  • MD5

    f79b8566647f3f7c9f6d0f4ace4aba30

  • SHA1

    13f36bd2e1066a071e80f9fd4eaa499559c6cef3

  • SHA256

    e6151c90ba270e362b12164d0a6ba631174eae52c19559f1a27afd4fcc53d253

  • SHA512

    2e8c6d63c9396643951a25556430fd5f28c406162754e82b1888370b7846eaef9f694e3e56e64fcd48ff4f442ff8f61e2c19795ae533b8e1fc62e137a8aeb401

  • SSDEEP

    49152:h1OsIhvaZG1MVEtzijkTvu2x/uw4B8FHFF6D:h1OPvaxMziy3k

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks