Resubmissions

21-01-2024 14:51

240121-r8gkpaddhk 10

21-01-2024 14:29

240121-rt2bjsdhh4 10

General

  • Target

    85f4088286ac1eedc94ad9dc6465e9e4b89d1cde3012f9949450fcc9f2b60431.bin.zip

  • Size

    185KB

  • Sample

    240121-r8gkpaddhk

  • MD5

    e4d61818e8cfef0a999a231b096c7a3c

  • SHA1

    6a86de7809face9f1f981f0a8d4606210670d65a

  • SHA256

    18b2a5097716538945b45d80cb9428de3241a3066716d177388adf8691027431

  • SHA512

    f94b15f5497980a79b604895960df92c474ca180fe19b23aa5953411ef1a5a31f139b78d45ca3bf9970d6bdad2e10e2d550da0e81d63b7708454301258724e1f

  • SSDEEP

    3072:Eldo74EqzsvyRPHHB+cUL0/lM9KnaykbcNGroSP4Z9phl72od3eBhqPeBabY9A6n:+D4y1BwxUn2IgrjS9HrYCKX

Malware Config

Targets

    • Target

      85f4088286ac1eedc94ad9dc6465e9e4b89d1cde3012f9949450fcc9f2b60431.bin

    • Size

      342KB

    • MD5

      c28b33f7365f9dc72cc291d13458f334

    • SHA1

      b4ad79b2800a6540f1c460ce6220a4ebb551a18b

    • SHA256

      85f4088286ac1eedc94ad9dc6465e9e4b89d1cde3012f9949450fcc9f2b60431

    • SHA512

      3bb9e234da571093c05e21b4ffdfa7ceb9d6f95a33a07e39260a974fdc19dfc7ba72e7f9a579ec45585857d5d543ff99a535b479cf77629858c3cfa1c824e46f

    • SSDEEP

      6144:Gx2QdiglMFGfzIBeZO8Wf2cMRsCO/xZqqDLuz+4pQoL27aR9:GAQsgScEydsCJqnuq4z2mR9

    • Trigona

      A ransomware first seen at the beginning of the 2022.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks