General

  • Target

    b44cd45930d85e6ea0840c08874f5ae6

  • Size

    3.4MB

  • Sample

    240305-ktgtksbh35

  • MD5

    b44cd45930d85e6ea0840c08874f5ae6

  • SHA1

    290b494da40334ba122b739962852611ebf8b4e5

  • SHA256

    85e29fa974876e8833e021c779408e5b29449df1b14af5cc068cdf07ee27935d

  • SHA512

    a43e75a62ded4c1cc52e218c0777c451bf5ae713c246059b35d5ff97c2b739843d3e66aaf22504b15d2a57f8e07d5a9e227199160b6ca70ac8f011f3415ecc32

  • SSDEEP

    49152:prb35DMnCIjtAyjv9M4LfUVLnHFLHkJEYoJdXN0BMOwLloBruge/4MnYYJ2ZhqSL:prG55h9qDrJdXN0B7+sFIDQ

Targets

    • Target

      b44cd45930d85e6ea0840c08874f5ae6

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
