General

  • Target

    dbc1ce6a39b547e42161d9cf31b0bee2c0f1c8ef8b8e06de00501a6f959dd83b

  • Size

    939KB

  • Sample

    230419-e3hvcaaa61

  • MD5

    97a8bd05778d19ad6a1ef992b685ea44

  • SHA1

    11a68ff36b824ebf5dfaa536376746ddcb3db61d

  • SHA256

    dbc1ce6a39b547e42161d9cf31b0bee2c0f1c8ef8b8e06de00501a6f959dd83b

  • SHA512

    cb8d1022a06ed4880a01454a4a64ee5e1a5ca79e03713c0c3f37cd04dcf6b47f66d0ecbe55610d3f2258855b3ed32abc70902d75fc9a4c7e179970443a531950

  • SSDEEP

    24576:My6wopVPbuMw7cT79MgZ+rThFQcEpfju:76bPbtNxMgGThkfj

Targets

    • Target

      dbc1ce6a39b547e42161d9cf31b0bee2c0f1c8ef8b8e06de00501a6f959dd83b

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target browser profile data: saved credentials, cookies and session tokens, autofill entries and browsing history, which can be decrypted offline once exfiltrated.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Enumerates installed software by walking the Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent), reading values such as DisplayName for each product.
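The signatures above map directly onto host telemetry. The following is an added detection example written for this page, not code from the sandbox vendor or from the report. It runs a small rule set over a constructed API-hook style trace (the record schema `type`/`path`/`value`/`image`, every path and file name in it, and the rule regexes are my own assumptions), correlating file creates with later process starts for "Executes dropped EXE" and matching well-known registry and profile paths for the remaining behaviours. The benign records in the trace are negative controls that the rules must leave alone.

```python
import re
from collections import defaultdict

# Constructed trace in a hypothetical type/path/value/image schema (API-hook
# style, not Sysmon). None of these records come from the report above; the
# lines marked "no hit" are benign controls that the rules must ignore.
TRACE = [
    {"type": "file_create", "path": r"C:\Users\user\AppData\Local\Temp\svchosts.exe"},
    {"type": "proc_create", "image": r"C:\Users\user\AppData\Local\Temp\svchosts.exe"},
    {"type": "proc_create", "image": r"C:\Windows\System32\cmd.exe"},  # not dropped: no hit
    {"type": "reg_set", "value": "1",  # 1 = real-time monitoring disabled
     "path": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring"},
    {"type": "reg_set", "value": r"C:\Users\user\AppData\Local\Temp\svchosts.exe",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"type": "reg_set", "value": "1",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden"},  # no hit
    {"type": "reg_query", "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Notepad++\DisplayName"},
    {"type": "reg_query", "path": r"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName"},
    {"type": "file_read", "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_read", "path": r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"},
    {"type": "file_read", "path": r"C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"type": "file_read", "path": r"C:\Users\user\Documents\notes.txt"},  # no hit
]

# Path-based rules keyed by the signature names used in the report. The
# patterns are anchored on well-known registry keys and browser/wallet profile
# locations; they are assumptions written for this example, not the vendor's.
RULES = [
    ("Modifies Windows Defender Real-time Protection settings", {"reg_set"},
     re.compile(r"\\(Policies\\)?Microsoft\\Windows Defender\\Real-Time Protection\\Disable\w+$", re.I)),
    ("Adds Run key to start application", {"reg_set"},
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("Checks installed software on the system", {"reg_query"},
     re.compile(r"\\Software\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\", re.I)),
    ("Reads user/profile data of web browsers", {"file_read"},
     re.compile(r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\.*\\(Login Data|Cookies|Web Data)$"
                r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I)),
    ("Accesses cryptocurrency files/wallets", {"file_read"},
     re.compile(r"\\AppData\\Roaming\\(Exodus|Electrum|Ethereum|Bitcoin|Atomic)\\|\\wallet\.dat$", re.I)),
]


def detect(trace):
    """Return {signature: [matching paths]} for a list of trace records.

    "Executes dropped EXE" is a correlation rather than a pattern: a process
    start is flagged only when its image path was created earlier in the same
    trace, so system binaries such as cmd.exe are not reported.
    """
    hits = defaultdict(list)
    dropped = set()
    for ev in trace:
        kind = ev["type"]
        if kind == "file_create":
            dropped.add(ev["path"].lower())
        elif kind == "proc_create" and ev["image"].lower() in dropped:
            hits["Executes dropped EXE"].append(ev["image"])
        path = ev.get("path", "")
        for name, kinds, pattern in RULES:
            if kind in kinds and pattern.search(path):
                hits[name].append(path)
    return dict(hits)


if __name__ == "__main__":
    for name, paths in detect(TRACE).items():
        print(f"[+] {name}")
        for p in paths:
            print(f"      {p}")
```

Run as-is it reports six of the seven behaviours in the list above; "Windows security modification" is left out deliberately because the report gives no detail on which setting it covers beyond the Defender change already matched. On real telemetry the Run-key rule should also compare the written value against the set of dropped files, which the trace here would satisfy, and the Defender rule should treat the value as significant: writing 1 disables the protection, writing 0 restores it.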

MITRE ATT&CK Enterprise v6
