General

  • Target

    d17739852c8d3a818026afe64e5fbbc45154c364f9bb4c6cdd33b9f1d767c2ce.exe

  • Size

    17KB

  • Sample

    240228-vmka8shd3w

  • MD5

    12f86d1f2f3d6c0b5cb7440aec26c317

  • SHA1

    166b6a4f14c5390e26eeae2dc26dec067a1f996a

  • SHA256

    d17739852c8d3a818026afe64e5fbbc45154c364f9bb4c6cdd33b9f1d767c2ce

  • SHA512

    e0846442de6c22fb586b1b6f02956a453f0b5733dbb999bfc86711acfedd5821b2d8cedcf863ab84a2868abbba54e5008e08d61a70398750ebea84d7d54304ab

  • SSDEEP

    192:m80GZruIW1ulxIKbv84Yceky/ur0M1Y4nv84Yceky/ur0M1Y4:m80GEIW1ulecvrYc2GrFtnvrYc2GrFt

Malware Config

Targets

    • Target

      d17739852c8d3a818026afe64e5fbbc45154c364f9bb4c6cdd33b9f1d767c2ce.exe

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
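
The signatures above are fired by matching file-system events against path rules; the autorun.inf one matters because the dropped file decides what Explorer offers to run when the volume is attached. The following is an added example and is not the sandbox's own code: a small matcher that reproduces several of the listed signatures from constructed file events, plus a parser that pulls the launch keys (open=, shellexecute=, shell\<verb>\command=) out of a constructed autorun.inf. The event format, rule patterns and every path and file body in it are assumptions made for illustration.

```python
"""
Added example, not part of the sandbox report or its tooling: a small
signature matcher that reproduces several of the behavioural signatures
listed above from file-system events, plus a parser for a dropped
autorun.inf that shows which keys the "Drops autorun.inf file" signature
is really about. The event format, rule patterns and every path below
are constructed for illustration.
"""
import re

# Constructed autorun.inf body (not from the real sample). Only open= and
# shellexecute= cause execution; icon=/action= just dress up the prompt.
AUTORUN_SAMPLE = (
    "[AutoRun]\r\n"
    "open=RECYCLER\\payload.exe\r\n"
    "shellexecute=RECYCLER\\payload.exe\r\n"
    "icon=%SystemRoot%\\system32\\shell32.dll,4\r\n"
    "action=Open folder to view files\r\n"
)

# Constructed events: (operation, path, captured file content or "").
SAMPLE_EVENTS = [
    ("write", r"C:\Windows\System32\drivers\etc\hosts", ""),
    ("write", r"C:\Windows\System32\dropped.dll", ""),
    ("write", r"E:\autorun.inf", AUTORUN_SAMPLE),
    ("write", r"C:\Users\victim\Desktop\desktop.ini", "[.ShellClassInfo]\r\n"),
    ("read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data", ""),
]

# (signature name, operation, regex over the lower-cased path). The names
# mirror the report; the patterns are this example's own approximation.
RULES = [
    ("Drops file in Drivers directory", "write", r"^[a-z]:\\windows\\system32\\drivers\\"),
    ("Drops file in System32 directory", "write", r"^[a-z]:\\windows\\system32\\"),
    ("Drops autorun.inf file", "write", r"\\autorun\.inf$"),
    ("Drops desktop.ini file(s)", "write", r"\\desktop\.ini$"),
    ("Reads user/profile data of web browsers", "read",
     r"\\(google\\chrome|microsoft\\edge)\\user data\\|\\mozilla\\firefox\\profiles\\"),
]


def parse_autorun_inf(text):
    """Return the [AutoRun] section as {lower-cased key: value}.

    Hand-rolled rather than configparser: real autorun.inf files are sloppy
    INI (stray lines, duplicate keys) that configparser rejects, and the
    Windows INI APIs treat section and key names case-insensitively.
    """
    section, keys = None, {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section == "autorun" and "=" in line:
            key, _, value = line.partition("=")
            keys[key.strip().lower()] = value.strip()
    return keys


def autorun_launch_targets(autorun):
    """Keys that make Explorer run something: open=, shellexecute= and
    shell\\<verb>\\command=. Since Windows 7 (KB971029 on older versions)
    AutoRun is ignored on non-optical removable media, so a USB-dropped
    autorun.inf relies on the user picking the fake "Open folder" entry.
    """
    return {
        key: value for key, value in autorun.items()
        if key in ("open", "shellexecute")
        or (key.startswith("shell\\") and key.endswith("\\command"))
    }


def match_signatures(events):
    """Run every rule over every event. Returns {signature: [paths]}; one
    event may fire several signatures, e.g. a write under System32\\drivers
    fires both the Drivers and the System32 rule, as in the report above.
    """
    hits = {}
    for op, path, content in events:
        norm = path.lower()
        for name, rule_op, pattern in RULES:
            if op == rule_op and re.search(pattern, norm):
                hits.setdefault(name, []).append(path)
        if norm.endswith("\\autorun.inf") and content:
            for key, value in autorun_launch_targets(parse_autorun_inf(content)).items():
                hits.setdefault("autorun.inf launches", []).append(f"{path}: {key}={value}")
    return hits


if __name__ == "__main__":
    for name, paths in match_signatures(SAMPLE_EVENTS).items():
        print(name)
        for p in paths:
            print("   ", p)
```

Run it as a script to see the same overlap the report shows (one write under System32\drivers firing both the Drivers and the System32 signature); the autorun parser is the part worth reusing, since the interesting question for a dropped autorun.inf is never that it exists but what its open=/shellexecute= keys point at.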

MITRE ATT&CK Enterprise v15

Tasks