General

  • Target

    698bd8b6264bdf34182fb616a8bcfc61157ec0bfd3a6ef3cf6e14547f407fc1b

  • Size

    563KB

  • Sample

    230424-ak16raac9w

  • MD5

    e8063f735ad26b28d24e0502f21ea9ad

  • SHA1

    4b651892afd7ac7de00bb8a8b0b7434dfdedec50

  • SHA256

    698bd8b6264bdf34182fb616a8bcfc61157ec0bfd3a6ef3cf6e14547f407fc1b

  • SHA512

    4516d1263c53d051adb7b37dd79ab99683fe77b1dd8f2e085b78f737902b2fd3540e552b506fad832e942231b40bc5e3a2b613a9bc7b0eaad3ccd34996c92f1c

  • SSDEEP

    12288:Iy900B+X5gdgPwM0cID/zc0afYnMiJC7CxPI0BV:Iyva5ugwMMLDafolvGwV

Malware Config

Targets

    • Target

      698bd8b6264bdf34182fb616a8bcfc61157ec0bfd3a6ef3cf6e14547f407fc1b

    • Size

      563KB

    • MD5

      e8063f735ad26b28d24e0502f21ea9ad

    • SHA1

      4b651892afd7ac7de00bb8a8b0b7434dfdedec50

    • SHA256

      698bd8b6264bdf34182fb616a8bcfc61157ec0bfd3a6ef3cf6e14547f407fc1b

    • SHA512

      4516d1263c53d051adb7b37dd79ab99683fe77b1dd8f2e085b78f737902b2fd3540e552b506fad832e942231b40bc5e3a2b613a9bc7b0eaad3ccd34996c92f1c

    • SSDEEP

      12288:Iy900B+X5gdgPwM0cID/zc0afYnMiJC7CxPI0BV:Iyva5ugwMMLDafolvGwV

    • Modifies Windows Defender Real-time Protection settings

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks