General

  • Target

    b4cd596d86026e217f55123520b00594

  • Size

    3.9MB

  • Sample

    240305-qny4kagg27

  • MD5

    b4cd596d86026e217f55123520b00594

  • SHA1

    4f8727925374353dbfdcc26c2e73f8278f6f2ac4

  • SHA256

    cedfb6466d8e8bdbc8e8209035807174848f4967f1dd1d5ce8416b7a92a81aea

  • SHA512

    28c65af4ad8bbd750b45b0c71dec7bae6b582cab2b52aebb1bf2d9c085ddd98c21474d06c8c514c3390a6bab323a02c58d37acdec9f9bd4a02030458699ef692

  • SSDEEP

    49152:FKPcfrOO53RTqtiaakOElMaFLkhNnT3wnNTBCRCWlIssZLi5lKr+hEp6:YPcfrOO536ak7NIGGUVp

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
