General

  • Target: ba20b9c0c59a77161746e1cce30ee770d916d450f3ab1520af40b58798defab2
  • Size: 1.0MB
  • Sample: 230424-aj15csac9s
  • MD5: 36ea4cfeeb543ff3d38933fd27742248
  • SHA1: 57c188982ccb576a4d6c0e743341e216b6b3ec12
  • SHA256: ba20b9c0c59a77161746e1cce30ee770d916d450f3ab1520af40b58798defab2
  • SHA512: e06f607b0a9112ca4972b30d62e5d93639739cf7289cdbdaced206920f225f9108e8071470660604688e617286da261f658ecf5c5d8e56369552b8a6304fa20c
  • SSDEEP: 24576:wcIu58c6Od3W36hmxGaKc1HIcf0ErjxO+TtR1N2VRDrcG3:wmZ6Od3WqFaKc1Hh8ErdOWR1N2fDrc

Malware Config

Targets


    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks