General

  • Target

    60b7148afca88581a9a667c3b2e2539d019e5b56d8bee61b718f85c2d6152208

  • Size

    704KB

  • Sample

    230423-zg3b3shd5w

  • MD5

    b24b9c49760b0990ea026886958692ea

  • SHA1

    8dd0532f0d027113457289a6b676239d621523f7

  • SHA256

    60b7148afca88581a9a667c3b2e2539d019e5b56d8bee61b718f85c2d6152208

  • SHA512

    6f06fccc4db6eef58b77ee611c2582b87ccf376d30006b0d1088ec2efbccc7c2ed471a2e304a27ca2c55d4304d4a0fc5b1f7aef87006985687522f6da33c5086

  • SSDEEP

    12288:6y90mKDi1WE2mE5tmU1cnFyya2V4Q2RrE8MWC/iwKiRUUmxHkzT:6ysOhE55qxa2Peo8p5wKiRDmFkf

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks