General

  • Target

    c25637fbfe2385e67f42378ccbd68474.bin

  • Size

    761KB

  • Sample

    230328-crjldsge45

  • MD5

    8b77a5a69418c777d2113d1bcbad6e36

  • SHA1

    f0a5ea767f666a5ded451464d94b9c7656a3bafe

  • SHA256

    46e1f20cc0a0999807fc4418d70cfe88365a7defb14a5d26f57d1c4d2d6dfb88

  • SHA512

    58f6425a5bfe14db9809e1c946d0344e78165964a82917870ebebb19bc7e8571755f0fb6cdbf9f832e2d3079143a3a5258e7d453d1acb207625cc0a3ba256bf6

  • SSDEEP

    12288:l9vQIa8TZcAQfef8FLUolcD3MQK93R7wtiASmoba0/2FyTUncN:liIaQYO8hUolcDLK3R7rAh28C

Malware Config

Targets

    • Target

      425c0e99221b064d1577ac907a4803d14f4e67a305742aa2c1e80382b967831b.exe

    • Size

      1.4MB

    • MD5

      c25637fbfe2385e67f42378ccbd68474

    • SHA1

      b6821b4141131e428f8c54c1f5e2d840724569ff

    • SHA256

      425c0e99221b064d1577ac907a4803d14f4e67a305742aa2c1e80382b967831b

    • SHA512

      78f69ef78ec40fb712a93e62722868dd78b5bf2c3a42add5a336e77bff4678a0e7b20c6d80e06a6b3d80f45a8de4d8ab363be3975d5d19be6cff8312b3424fe5

    • SSDEEP

      24576:GZ0deUIxg6AZLNsVHdGujJKX1uH9cBaGn6iMNo/FDHEj3TBechhH2y5DHEj3TB4o:65UIdwLNsV9G+KXhT9FDHEj3TBechhH0

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Matrix ATT&CK v6

  • Credential Access

    Credentials in Files (1) T1081

  • Collection

    Data from Local System (1) T1005

Tasks