General

  • Target

    5d87c19080ff6a506777527eb9f572d1b9a1ab62357997036dd9075e0ba524f6

  • Size

    563KB

  • Sample

    230423-zb4mysfg29

  • MD5

    bbb9c74b487c2d477443902f5e8a7a8d

  • SHA1

    b03ca6f45925118ded63729d61b9acf9fb5935e3

  • SHA256

    5d87c19080ff6a506777527eb9f572d1b9a1ab62357997036dd9075e0ba524f6

  • SHA512

    0017994f73446fdf0ff1e522625ce928bb6b15d36cda5feed6768930fc97e4f6c189edb0592022debfffa1b973e980e9e337a7b25267eda5d4d4ea11862908fe

  • SSDEEP

    12288:qy90EjIZRYNWgGdOoDI1+VhYH2TyCeiFKsgS5XwoIYz26:qyLjIZRYNznoDIYX+2mIFKfoVx

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks