General

  • Target

    b2fa318501c03e05d53c75c524a51cd9

  • Size

    2.5MB

  • Sample

    240304-yldc3sbf7w

  • MD5

    b2fa318501c03e05d53c75c524a51cd9

  • SHA1

    3466c4bafaa9602f8eabce4043997d709f3d484a

  • SHA256

    724c7148195618326809d51059349fc17eee6908bcb2e3c0def3f74d8d7dff1d

  • SHA512

    360665a7f9b784f58885ead723a1f0bd94865df761d6f9523cf55f8e39c3caa485900e44429ba8107e5c2e4e0aa3fc62439d59ec695ef4e47db81e65d33bdd7d

  • SSDEEP

    49152:FObOu4TLNM84pXv9MGmUi6AjW/MUSdGRf3/:fKff98jxAZ

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
