General
-
Target
ad82e92c2c1cb3a697ecd09edf1b885d
-
Size
663KB
-
Sample
240229-de4lgabg3v
-
MD5
ad82e92c2c1cb3a697ecd09edf1b885d
-
SHA1
e92cba86a1c3926d473fabc1881477342c5749b2
-
SHA256
e6694dae20d9a7ebddb6fd528018f859c23d1c60b4dfaeac79890cb624e5e0a5
-
SHA512
433eb58ff600974e7479fca2c4fab37c114c49785e67e5033eb978e93486128a62d154365240f6979237eb1f0da65f7043ede619afc8e9fe634b2268d8ab7b35
-
SSDEEP
12288:2qIZMiqLJJPJHwlMys/UbOSRauEicow4MaIN2DUxAZ2y8/NqwS/he4RwoYc2:2qIZGLJRits/YEuSoGZOiA9w4vv
Malware Config
Targets
-
-
Target
ad82e92c2c1cb3a697ecd09edf1b885d
-
Size
663KB
-
MD5
ad82e92c2c1cb3a697ecd09edf1b885d
-
SHA1
e92cba86a1c3926d473fabc1881477342c5749b2
-
SHA256
e6694dae20d9a7ebddb6fd528018f859c23d1c60b4dfaeac79890cb624e5e0a5
-
SHA512
433eb58ff600974e7479fca2c4fab37c114c49785e67e5033eb978e93486128a62d154365240f6979237eb1f0da65f7043ede619afc8e9fe634b2268d8ab7b35
-
SSDEEP
12288:2qIZMiqLJJPJHwlMys/UbOSRauEicow4MaIN2DUxAZ2y8/NqwS/he4RwoYc2:2qIZGLJRits/YEuSoGZOiA9w4vv
Score8/10-
Sets file to hidden
Modifies file attributes to stop it showing in Explorer etc.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Modify Registry
1