General

  • Target

    19d1d56adede8ee4ce5280ad55f49e08

  • Size

    4.2MB

  • Sample

    231225-nakmxaceh5

  • MD5

    19d1d56adede8ee4ce5280ad55f49e08

  • SHA1

    4cef5bd9a3d360f02c8d75a2fe89523b43b29f4f

  • SHA256

    6afa48f9297d2cad590bfb3ac58cbd8337e9ece284fa387fbce658551fa588c5

  • SHA512

    765a8666908e4aa445d96f7a365f070b574e68b57e6e3b2c21aca70178193307f37d3193721c3a7517b1068e5602553dcf84ea68640f2171ea95ec002e164caf

  • SSDEEP

    24576:Qaf8wY3ebaG0cmKcQJxltGzmdngB8OuyruoHlIZWLJtHZoJCsEr4dS:QaKOwcowT/omyJtHZoJCsU

Malware Config

Targets

    • Target

      19d1d56adede8ee4ce5280ad55f49e08


    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Accesses Microsoft Outlook accounts

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks