General

  • Target

    5b4ec576225ae37c8a74afb08e9d6107

  • Size

    313KB

  • Sample

    240114-qbsq1safaq

  • MD5

    5b4ec576225ae37c8a74afb08e9d6107

  • SHA1

    214b2b8f09653ecdb0ac02adf532f33b3205d65f

  • SHA256

    6896be18e3a6380500b6ab383e2821d83760ea5ff037dd3cf19e89dbbbfd3c7f

  • SHA512

    a73cc1cf9cfb665df890b3090f43d40d51e689b2ffe91d7b98eac4445cfcd5d77c12836fd66997686f8b83554854c7c5c7ba8c280d9b3dfe627d0873622132db

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4sxuyWWvACrzO3cM1l7:91OgLdagfrzO3c+l

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
