General

  • Target

    q.ex

  • Size

    26KB

  • Sample

    230328-ar54aahh4x

  • MD5

    2c8df3499a2666c107a3a900335b8bd6

  • SHA1

    dcbdd6e56552aa20bd867c43c7e3d4fec9957e49

  • SHA256

    f6a4b33ecf988c80b0c5aa280a5a3850f44bb3931ae0d845df7c064803c5f7c7

  • SHA512

    76b358c23bf11d21b748aef55e2fdaa633dea698eec2933fb2073ed0989574a1935e106a2ab92c0b0ecb1e112be26a708a1aecb2599b9944d8f4906547f2e435

  • SSDEEP

    384:F+Qkwe/MEf4KCd+p5afqJnNiuRCpGP6aax9N7JmTnyvHRfeKiI4ZimJU:F+2eJWMTbiqeGPabsnyvHdTiBAX

Malware Config

Targets

    • Target

      q.ex

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Credential Access

    Credentials in Files (T1081)

  • Collection

    Data from Local System (T1005)

Tasks