General

  • Target

    66fc4d01e1f5647107e0853950496eab1d1a685b7332bcfb75f81c990272fce5

  • Size

    1.2MB

  • Sample

    230423-3f7f7aaa9t

  • MD5

    3c799155e8cecdfa71b1d051f5101128

  • SHA1

    5024caacde561a246b21ff07983265d058764af1

  • SHA256

    66fc4d01e1f5647107e0853950496eab1d1a685b7332bcfb75f81c990272fce5

  • SHA512

    98a8de1a07a36a6e8dd216111b89e64f73e10323a24f57fcbff64121d32395b18c69f5b71fd20ef0736e7b6fa4486a14d48967ddee53cae93be3c2e1af0b1924

  • SSDEEP

    24576:vu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:W0+BshUC1VzUjjPP0/

Malware Config

Targets

    • Target

      66fc4d01e1f5647107e0853950496eab1d1a685b7332bcfb75f81c990272fce5

    • Size

      1.2MB

    • MD5

      3c799155e8cecdfa71b1d051f5101128

    • SHA1

      5024caacde561a246b21ff07983265d058764af1

    • SHA256

      66fc4d01e1f5647107e0853950496eab1d1a685b7332bcfb75f81c990272fce5

    • SHA512

      98a8de1a07a36a6e8dd216111b89e64f73e10323a24f57fcbff64121d32395b18c69f5b71fd20ef0736e7b6fa4486a14d48967ddee53cae93be3c2e1af0b1924

    • SSDEEP

      24576:vu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:W0+BshUC1VzUjjPP0/

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks