General

  • Target

    Eurocase-outbyte-driver-updater.exe

  • Size

    17.9MB

  • Sample

    230326-24qb5scd8w

  • MD5

    220837c2f22829c288e2585a9e625ae2

  • SHA1

    9cca1b4ea934836a2d5b51189c52462d98647eef

  • SHA256

    6d05134b2789f9eb04d368cef3b525c0fd04802662a30e855fe9d7ae87eabd3e

  • SHA512

    d8338c6094ed5f45c86f17a13b0fd3dc56f3bbe9f5845cd7c785e1410901f5cce91ff14f9f4539888a04024a243c73117d9db8e2fb7f62a9a788d7f4870d4598

  • SSDEEP

    393216:mN2NlreCD2m/MnaaMw2SvNfS0xY2/OCvhW1SItsQe29E9GXrFdSLWIy:m430mEa855SSYD/1SI2Qe2CcTbIy

Malware Config

Targets

    • Target

      Eurocase-outbyte-driver-updater.exe

    • Size

      17.9MB

    • MD5

      220837c2f22829c288e2585a9e625ae2

    • SHA1

      9cca1b4ea934836a2d5b51189c52462d98647eef

    • SHA256

      6d05134b2789f9eb04d368cef3b525c0fd04802662a30e855fe9d7ae87eabd3e

    • SHA512

      d8338c6094ed5f45c86f17a13b0fd3dc56f3bbe9f5845cd7c785e1410901f5cce91ff14f9f4539888a04024a243c73117d9db8e2fb7f62a9a788d7f4870d4598

    • SSDEEP

      393216:mN2NlreCD2m/MnaaMw2SvNfS0xY2/OCvhW1SItsQe29E9GXrFdSLWIy:m430mEa855SSYD/1SI2Qe2CcTbIy

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Bootkit

1
T1067

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

4
T1012

System Information Discovery

4
T1082

Peripheral Device Discovery

1
T1120

Collection

Data from Local System

1
T1005

Tasks