General

  • Target

    YandexPackLoader (1).exe

  • Size

    329KB

  • Sample

    240222-whwddadd3v

  • MD5

    9cab60a27702f8b6afe4895792718c67

  • SHA1

    acaa9e851da9804a7c8f6a1a6cd5eee872c878f9

  • SHA256

    cac27906e3604dad123d97a55310aa548571c199ce257208a7003e18af3f8dd7

  • SHA512

    79d4e37f3e431ee8826b19e800ecb88f958ca78bd4b4307fe028827c0e05424e2168e99caf6216d58c85fba404e2533ad2a6f1e37270a29fd6b996e5297f1fff

  • SSDEEP

    6144:/7namNE/XwwCleWdpQEOEEwmBFunb0AAO/kQlSHOxQz:LamSANleWduyE03ZkKuOx

Malware Config

Targets

    • Target

      YandexPackLoader (1).exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, session cookies and form autofill data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, plus the WOW6432Node counterpart on 64-bit systems) to enumerate installed software.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
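
The three host-survey signatures above (Uninstall key lookup, root-path reads of non-C: drives, browser profile reads) can be reproduced as simple detection logic over access events. The following Python is an added example, not part of this report and not the sandbox's own signature engine; the event tuple format, process names and paths are constructed for illustration, and only the sample's own process is attributed by default.

```python
"""Classify constructed sandbox-style access events into the three
host-survey behaviours listed in the report. Added example; the event
format (process, operation, path) is an assumption loosely modelled on
Procmon/API-trace output, not a real tool's schema."""
import re
from collections import defaultdict

# Uninstall key in both the native and WOW6432Node views, HKLM or HKCU.
UNINSTALL_KEY = re.compile(
    r"^(?:HKLM|HKEY_LOCAL_MACHINE|HKCU|HKEY_CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)
# Bare drive root such as "D:\" (the report's signature ignores C:).
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\$")
# Profile directories of common Chromium-based browsers and Firefox.
BROWSER_PROFILE = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge|Yandex\\YandexBrowser|Chromium)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)
FILE_READ_OPS = {"ReadFile", "CreateFile", "CopyFile"}

SIG_SOFTWARE = "Checks installed software on the system"
SIG_DRIVES = "Enumerates connected drives"
SIG_BROWSER = "Reads user/profile data of web browsers"

SAMPLE_PROCESS = "YandexPackLoader (1).exe"

# Constructed events: a mix of hits, near-misses and another process's activity.
SAMPLE_EVENTS = [
    (SAMPLE_PROCESS, "RegOpenKey",
     "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"),
    (SAMPLE_PROCESS, "RegEnumKey",
     "HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"),
    (SAMPLE_PROCESS, "RegOpenKey",
     "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"),  # not the Uninstall key
    (SAMPLE_PROCESS, "QueryDirectory", "C:\\"),  # default drive, ignored by the signature
    (SAMPLE_PROCESS, "QueryDirectory", "D:\\"),
    (SAMPLE_PROCESS, "QueryDirectory", "E:\\"),
    (SAMPLE_PROCESS, "ReadFile",
     "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"),
    (SAMPLE_PROCESS, "ReadFile",
     "C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abc.default\\logins.json"),
    ("explorer.exe", "ReadFile",
     "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"),
]


def classify(events, process=SAMPLE_PROCESS):
    """Return {signature name: [matching paths]} for events of `process`
    (pass process=None to score every process together)."""
    hits = defaultdict(list)
    for proc, op, path in events:
        if process is not None and proc.lower() != process.lower():
            continue
        if op.startswith("Reg") and UNINSTALL_KEY.match(path):
            hits[SIG_SOFTWARE].append(path)
        elif (m := DRIVE_ROOT.match(path)) and m.group(1).upper() != "C":
            hits[SIG_DRIVES].append(path)
        elif op in FILE_READ_OPS and BROWSER_PROFILE.search(path):
            hits[SIG_BROWSER].append(path)
    return dict(hits)


if __name__ == "__main__":
    for name, paths in classify(SAMPLE_EVENTS).items():
        print(f"{name}:")
        for p in paths:
            print(f"    {p}")
```

Scoping by process matters: the same `Login Data` read by explorer.exe is not evidence against the sample, and a loader that hands off to a dropped EXE (as this report's "Executes dropped EXE" signature indicates) needs its child processes included before the browser-read signature is evaluated.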

MITRE ATT&CK Enterprise v15

Tasks