General

  • Target

    ad0f158349e1a0f7b93e58223e7369b1

  • Size

    2.8MB

  • Sample

    240228-2sc8fafg31

  • MD5

    ad0f158349e1a0f7b93e58223e7369b1

  • SHA1

    a36e24ed9e9a06ea17a3561be65f3216e1ca8ed0

  • SHA256

    5872916383b980e2bc5bfd9dd99248b26923597d8e0bb5df2f133239e07b44f8

  • SHA512

    bcfa520833fc87f8fa47b6b49825af79ec4f9286730a3ab5227fee65fc5c0b30b16a495cb6b148eb3f574b4f112bbc8f41092c73e31040f5bd7e1a9b92d0d2ed

  • SSDEEP

    49152:F7vx1wnNTBx40m35DMnCIjtAyfC+R2zNsnKvkTgXuquveY+W2o8oT3ezMrl9ceky:nGr55k+RYNAKvkTgXuquveY+W2o8oT3/

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
