General

  • Target

    64e81ece3d7e4b24e6c14e37a6047217

  • Size

    126KB

  • Sample

    240118-j4cryafffn

  • MD5

    64e81ece3d7e4b24e6c14e37a6047217

  • SHA1

    6be2d5f299b2925787e9d6ad7e407f9c38b7ebcc

  • SHA256

    de4d26d256868c168d4dc8ea9841bd0cfe9f382eadef9963d7326f14bf9cd28f

  • SHA512

    09259e420bc7ed093f5d5de6f0fe41519e1fa5ea31bf1823dd7c177a7229e1035e8edcfce98af6b913c953d14af67b2a8dd5618f43bfd343401c94fd32755ffd

  • SSDEEP

    3072:SKcWmjRrz3ZKcWmjRrz3GzBmFzMlPJ+fXSsjlyGfihuoAGS:hGyGGVGqPJXsj78Ad

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks