General

  • Target

    9046d4a180056f102c6b65f5fb9f6e87

  • Size

    250KB

  • Sample

    240204-1z5qladgep

  • MD5

    9046d4a180056f102c6b65f5fb9f6e87

  • SHA1

    694faa8460d775b804a810c4756c533bb9622b43

  • SHA256

    8dc32023135d894de9b5cc7a72224244dcbcd9be4088eb9991d954e9436a93ee

  • SHA512

    6e9b24965f61a30d2cbb527584086da8dd23f0b4a7e2d48df1ff4d28a75c4a826f3d81cb3195af0d0e4c4b42e19b4bf95cf1353e5be545ab0e3f4cf69d3823c8

  • SSDEEP

    6144:h1OgDPdkBAFZWjadD4s5qjaU/j2Rurhh1Ufb9EVQe9lv9w8:h1OgLdaOEaU/kc1UREVQ29t

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks