General

  • Target

    3dbacbdf4e7757f3ee07d0f9ed2e772b3110e89ecee755a8cebe23481b7de11c

  • Size

    563KB

  • Sample

    230424-ajydgagg35

  • MD5

    ae462e77d4965995bba958b121164844

  • SHA1

    d27ffb4dfee712cae3d9ad4287ec01ea31729ec5

  • SHA256

    3dbacbdf4e7757f3ee07d0f9ed2e772b3110e89ecee755a8cebe23481b7de11c

  • SHA512

    c7bb21e98fbc9218df46fcef031ca8e3b7f9984f4c97ad3fa261611da3dd3746e9ddc6670641d9636675e31cd342b7a61038a4020edf22b4ae70e7c6aa51984f

  • SSDEEP

    12288:dy90S/boLlpQ4r4+y3UIxtz60P0z2MmJQdKj62t:dycxppy1VVP0iZJj

Malware Config

Targets

    • Target

      3dbacbdf4e7757f3ee07d0f9ed2e772b3110e89ecee755a8cebe23481b7de11c

    • Modifies Windows Defender Real-time Protection settings

      Turning off real-time protection lets later-stage payloads run without being scanned.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and autofill entries.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

      A Run key relaunches the referenced program at every logon, a common persistence mechanism.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
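
The following PowerShell is an added host-triage example, not part of the sandbox report. It checks a Windows host for the two behaviours above that leave registry artifacts (Run-key persistence and Defender real-time protection tampering) and reproduces the Uninstall-key walk to show what that enumeration exposes. The SHA256 is the one from the report; the registry paths are the standard Windows locations, not indicators extracted from this sample, and the "user-writable path" heuristic is an editorial assumption.

```powershell
# Added host-triage helpers (not part of the sandbox report). Registry paths are the
# standard Windows locations, not indicators taken from this sample; the user-writable
# path heuristic is the editor's assumption, not something the report states.

$ReportSha256 = '3dbacbdf4e7757f3ee07d0f9ed2e772b3110e89ecee755a8cebe23481b7de11c'  # from the report

function Get-RunKeyPersistence {
    # "Adds Run key to start application": list every Run/RunOnce entry, resolve the
    # executable it points at, hash it, and flag a match against the report's SHA256.
    param([string]$ExpectedSha256 = $ReportSha256)
    $RunKeys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
    )
    $ProviderProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
    foreach ($Key in $RunKeys) {
        if (-not (Test-Path $Key)) { continue }
        $Props = Get-ItemProperty -Path $Key
        foreach ($Prop in $Props.PSObject.Properties) {
            if ($Prop.Name -in $ProviderProps) { continue }   # provider metadata, not Run values
            $Cmd = [string]$Prop.Value
            # The executable is either the quoted first token or the first space-delimited token.
            $Exe = if ($Cmd -match '^"([^"]+)"') { $Matches[1] } else { ($Cmd -split ' ')[0] }
            $Exe = [Environment]::ExpandEnvironmentVariables($Exe)
            $Hash = '<missing>'
            if ($Exe -and (Test-Path -LiteralPath $Exe -PathType Leaf)) {
                $Hash = (Get-FileHash -LiteralPath $Exe -Algorithm SHA256).Hash.ToLower()
            }
            $Notes = @()
            if ($Hash -eq $ExpectedSha256.ToLower()) { $Notes += 'SHA256 matches report sample' }
            if ($Exe -match '\\(AppData|Temp|ProgramData|Users\\Public)\\') { $Notes += 'user-writable path' }
            [PSCustomObject]@{ Key = $Key; Name = $Prop.Name; Command = $Cmd; SHA256 = $Hash; Notes = ($Notes -join '; ') }
        }
    }
}

function Get-DefenderRealtimeState {
    # "Modifies Windows Defender Real-time Protection settings": a policy value of 1 under
    # this key turns the named feature off. Compare with what Defender reports as effective.
    $PolicyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection'
    $PolicyValues = 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
                    'DisableOnAccessProtection', 'DisableIOAVProtection', 'DisableScanOnRealtimeEnable'
    if (Test-Path $PolicyKey) {
        $Pol = Get-ItemProperty -Path $PolicyKey
        foreach ($V in $PolicyValues) {
            if ($null -ne $Pol.$V) {
                [PSCustomObject]@{ Source = 'Policy'; Setting = $V; Value = $Pol.$V; Disabled = ($Pol.$V -eq 1) }
            }
        }
    } else {
        [PSCustomObject]@{ Source = 'Policy'; Setting = '(key absent)'; Value = $null; Disabled = $false }
    }
    # Effective state; Get-MpPreference comes with the Defender module and is absent on hosts without it.
    if (Get-Command Get-MpPreference -ErrorAction SilentlyContinue) {
        $Pref = Get-MpPreference
        foreach ($V in 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring', 'DisableIOAVProtection') {
            [PSCustomObject]@{ Source = 'MpPreference'; Setting = $V; Value = $Pref.$V; Disabled = [bool]$Pref.$V }
        }
    }
}

function Get-InstalledSoftware {
    # "Checks installed software on the system": the same Uninstall-key walk the sample
    # performs, to show what it learns (product names, versions, publishers).
    $Keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
            'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
            'HKCU:\Software\Microsoft\Windows\CurrentVersion\Uninstall'
    foreach ($Key in $Keys) {
        if (-not (Test-Path $Key)) { continue }
        Get-ChildItem -Path $Key | ForEach-Object { Get-ItemProperty -Path $_.PSPath } |
            Where-Object { $_.DisplayName } |
            Select-Object DisplayName, DisplayVersion, Publisher
    }
}

Get-RunKeyPersistence | Format-Table -AutoSize
Get-DefenderRealtimeState | Format-Table -AutoSize
Get-InstalledSoftware | Sort-Object DisplayName | Format-Table -AutoSize
```

Run it in an elevated PowerShell session so the HKLM policy key and all Run locations are readable. A Run entry whose hash matches the report, or that points into AppData or Temp, is the artifact worth pulling for analysis; a Defender policy value of 1 on a host where nobody set that policy indicates tampering. The Uninstall-key walk itself leaves no persistent artifact on the host, so it is shown here only to illustrate what the sample is able to learn from it.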

MITRE ATT&CK Enterprise v6

Tasks