General
Target: SetupImgBurn_2.5.7.0.exe
Size: 5.8MB
Sample: 231222-l3e7safdhj
MD5: 07213c58cbfef1ace1dc0b8dae4c976f
SHA1: e1487d1bc73ac24a0f3d89bd6326056b1ab1f545
SHA256: 78f3c6c29aee2c929396a110dff21af45fac3563ea9108f136221a0107cb6ad5
SHA512: eaf949f13f621c0de25f76aef6e2d17405e1d3e2b1e609001378f839d63b8203b29dc11c34bfb73e5731dbd186156e3dbab732c562d0196230aa3923ceec22ea
SSDEEP: 98304:9bmuw2tIql+hgomPSE2/a8ACkk1Dhl92Qk4f+7ZR+1kSGEwG71S4dQgo4:9/nnlMgo4SuzCkk1Dhl9xk4fOZk1H713
Static task: static1
Behavioral task: behavioral1
Sample: Device/HarddiskVolume1/Users/RinuThomas/Documents/Rkays office/PAAET/transas 01-2013 mfc & tgs/david.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: Device/HarddiskVolume1/Users/RinuThomas/Documents/Rkays office/PAAET/transas 01-2013 mfc & tgs/david krof/_INSTALL/SetupImgBurn_2.5.7.0.exe
Size: 5.8MB
MD5: 8b15eb749457b601495c87f465c525f4
SHA1: 13ddfa1862b74bdbbc06fc8766b36b9b73b25760
SHA256: 3b61ce3d5d75fe4a90313741cdfa71c47ba6543fc568ab3293ed33983ff717d8
SHA512: 370692e5d36d3fe4d4f42cd3d5d00987b54ca834582b6668f30d44beba1540ad1aa31f2429d0aac0350465b53e72f8ffc67ac459005b7f2a585e4219d4b2022f
SSDEEP: 98304:JlN/A476UGGtP3G0FWPuJeXIWPafmioWzyN52lop0vBmL+1fKdqFT0CHVHkVE29L:JH/6UGGRGUeuoXI/mioWzm5u2gcL+tFe
Score: 8/10
- Modifies Installed Components in the registry
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Privilege Escalation
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
Defense Evasion
- Modify Registry (3)
- Subvert Trust Controls (1)
- Install Root Certificate (1)