General
-
Target
OperaGXSetup.exe
-
Size
3.2MB
-
Sample
240205-nelqrsgdgj
-
MD5
24c1ed4a6804f1bd744a90ce134d93ae
-
SHA1
176a735f411b1629d2b8aa060925cbd8bb7f040b
-
SHA256
bc57196e3f7298c2825d20f54253c50e3d6a53f11b16e14bb329d25fc0cb9ecd
-
SHA512
4d0b0dc303ae351f524114cb040dc02fc3973583a70695d484bba536a01c2c5bfd85dc21ef25d81a8083984b7e971e5c1a45ad5c0167de6a18d4c948965798f7
-
SSDEEP
98304:QknNXrW/do46OjQl1GwZOaAGWTpzrBlyWnrHzEBY7GVA:QUW/dk4QvIr/laY7GVA
Malware Config
Targets
-
-
Target
OperaGXSetup.exe
-
Size
3.2MB
-
MD5
24c1ed4a6804f1bd744a90ce134d93ae
-
SHA1
176a735f411b1629d2b8aa060925cbd8bb7f040b
-
SHA256
bc57196e3f7298c2825d20f54253c50e3d6a53f11b16e14bb329d25fc0cb9ecd
-
SHA512
4d0b0dc303ae351f524114cb040dc02fc3973583a70695d484bba536a01c2c5bfd85dc21ef25d81a8083984b7e971e5c1a45ad5c0167de6a18d4c948965798f7
-
SSDEEP
98304:QknNXrW/do46OjQl1GwZOaAGWTpzrBlyWnrHzEBY7GVA:QUW/dk4QvIr/laY7GVA
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
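Added verification helper (not part of this report or of the sandbox's own tooling): a Python snippet that computes the four digests listed above for a local file, checks for the DOS "MZ" header and "PE\0\0" signature that the "Downloads MZ/PE file" signature refers to, and reports which of the published hashes match. The `SAMPLE_STUB` bytes are a constructed minimal PE-like header for offline testing, not the real sample, and the function names are assumptions of this example. SSDEEP is omitted because it needs a third-party library.

```python
import hashlib
import struct

# Digests reported on this page for OperaGXSetup.exe (sample 240205-nelqrsgdgj).
REPORTED = {
    "md5": "24c1ed4a6804f1bd744a90ce134d93ae",
    "sha1": "176a735f411b1629d2b8aa060925cbd8bb7f040b",
    "sha256": "bc57196e3f7298c2825d20f54253c50e3d6a53f11b16e14bb329d25fc0cb9ecd",
    "sha512": "4d0b0dc303ae351f524114cb040dc02fc3973583a70695d484bba536a01c2c5b"
              "fd85dc21ef25d81a8083984b7e971e5c1a45ad5c0167de6a18d4c948965798f7",
}


def hash_all(data: bytes) -> dict:
    """Compute every digest algorithm named in REPORTED over the whole buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def is_pe(data: bytes) -> bool:
    """True if data starts with 'MZ' and has 'PE\\0\\0' at the e_lfanew offset (0x3C)."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    return data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00"


def match_iocs(data: bytes) -> dict:
    """Per-algorithm comparison against REPORTED; any mismatch means a different file."""
    computed = hash_all(data)
    return {name: computed[name] == REPORTED[name] for name in REPORTED}


# Constructed stand-in for testing (hypothetical, not the real sample):
# 'MZ' header, e_lfanew = 0x40, then the 'PE\0\0' signature and padding.
SAMPLE_STUB = (b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40)
               + b"PE\x00\x00" + b"\x00" * 16)


def check_file(path: str) -> dict:
    """Read a file from disk and return its PE flag, digests and IOC match table."""
    with open(path, "rb") as f:
        data = f.read()
    return {"is_pe": is_pe(data), "digests": hash_all(data), "matches": match_iocs(data)}


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else None
    result = check_file(target) if target else {
        "is_pe": is_pe(SAMPLE_STUB), "digests": hash_all(SAMPLE_STUB),
        "matches": match_iocs(SAMPLE_STUB)}
    for key, value in result.items():
        print(f"{key}: {value}")
```

Run it as `python check_sample.py OperaGXSetup.exe`; a file that is the sample on this page matches on all four algorithms, and a renamed or repacked installer fails every one, since a single byte change alters each digest.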
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry (1)
Subvert Trust Controls (1)
Install Root Certificate (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)