General

  • Target

    b16558fa589a0699a45f4bb3b24bf330a0d8804f364752c3c8f3d596ce3421c2

  • Size

    249KB

  • Sample

    221202-bttnpsac87

  • MD5

    cb3b344ed697af02dd2fe371466f9287

  • SHA1

    a575ff575a248a49081657944410226c085d6b7e

  • SHA256

    b16558fa589a0699a45f4bb3b24bf330a0d8804f364752c3c8f3d596ce3421c2

  • SHA512

    3bb42952594da02dfbd8b0f60bdd396527aa609c06999b8ebad730ef481410e33b9c39f4ebb960f6136d7cb8ef3d1fc7d9b74d044e5f2a3017dcdbbf2887f516

  • SSDEEP

    6144:h1OgDPdkBAFZWjadD4s51eL9Oo055ds9ZGyLwhwk0V1F:h1OgLdaOIBA5ds9ZzNkY1F

Malware Config

Targets

    • Target

      b16558fa589a0699a45f4bb3b24bf330a0d8804f364752c3c8f3d596ce3421c2

    • Size

      249KB

    • MD5

      cb3b344ed697af02dd2fe371466f9287

    • SHA1

      a575ff575a248a49081657944410226c085d6b7e

    • SHA256

      b16558fa589a0699a45f4bb3b24bf330a0d8804f364752c3c8f3d596ce3421c2

    • SHA512

      3bb42952594da02dfbd8b0f60bdd396527aa609c06999b8ebad730ef481410e33b9c39f4ebb960f6136d7cb8ef3d1fc7d9b74d044e5f2a3017dcdbbf2887f516

    • SSDEEP

      6144:h1OgDPdkBAFZWjadD4s51eL9Oo055ds9ZGyLwhwk0V1F:h1OgLdaOIBA5ds9ZzNkY1F

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks