General

  • Target

    sample

  • Size

    869KB

  • Sample

    240223-jgnwpaea48

  • MD5

    be48322f9bd5a07a19f997a3f12b3561

  • SHA1

    59dc38ca9fa0e8700d6fa3f6e8aac29e106d22af

  • SHA256

    1e006ce822aabefe18723cacd19f9eec5688eade3180c1eccfc23fab79b61483

  • SHA512

    485189d5a16def0744ed571e5640d00aa9cfaaf0cd6d9bd201e680952e5efeb3c3a035ba786731b3c455b2b879d9c5f789152640817dd1d2c671b88c8b53c34d

  • SSDEEP

    6144:CJK90Z90f90C90R90y90w90d90U90ngXOQlQEdtoGU59U9JT84d+OvljoJqSesnm:C09k9w9V9g9F9F9k919ujAx

Malware Config

Targets

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks