General

  • Target

    quisisana-ag.zip

  • Size

    573KB

  • Sample

    240205-f7eh6adffp

  • MD5

    c3ef145f00de574eb553058bad703ed7

  • SHA1

    26beea3f2eb986ee5e0ead5b7d5a1c9d0552dc10

  • SHA256

    85e86cbf51a56f65c49fc944cf1feb52a6d016ebbec2c03d98729fad831f8369

  • SHA512

    dafeb678b2df2fffb10d266ae621146100fd2543eb44f010700f3598493af8afe378028f49d0bdb9ca4291ee207a36f4a17dd33d90563088aa439bc04ff47336

  • SSDEEP

    12288:VBrNDitMdtOXqsM1hHGAbPJiAFKNl2Qc+lOC7i3JpM/abVwc+rqzrdKr:rN2M7UMJG2iDHlXKuaVwciIo

Score
10/10

Targets

    • Target

      427_20110203210461.js

    • Size

      1.6MB

    • MD5

      e911a2f692abe9095b0cb632b3f761b8

    • SHA1

      d0e8543020d1dd42468feb2f2aaba71008af627b

    • SHA256

      ad9b42c8db2d1988f385b01e94efc3b65cc82244d61b50569e36a60b7b90422b

    • SHA512

      b087e6e4bb3cfef63504abb78ba694c9f50b8afb08e822f3db6523b6f455350e68e00ee1cad122ef4b9095f76bbad01f0ff8735d37555035d16c7ce72a768d4d

    • SSDEEP

      24576:4K5/u/35l/nx7ayUaWWENDrcHo83D9wsO6BKBmpMlbC8fXGOSP7NVgZkZOt58Rzl:/Ib

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL
