General

  • Target

    db3792ae8a6d6445ed6cc41c6b107bbe

  • Size

    1.3MB

  • Sample

    240321-kts7lshc6s

  • MD5

    db3792ae8a6d6445ed6cc41c6b107bbe

  • SHA1

    504a5bbe2551e053cd7a0e6da8a3b64f7fad0773

  • SHA256

    25bfe5532ec65f8137fa13f59ce99b79cc0c7ac1109f606c1404993e9fc664e1

  • SHA512

    4802dffe587e900b606431e8a5195d927cd63adfe54decdb96701f013fbd16a38407e2f5c64e27d6284add4223c8b2581c9dfdd941ebb83a550b862c1328d5b0

  • SSDEEP

    24576:7LzPUaGfv9QxeXggFb2bEzGycV3/gtkIdMJAz1rsXKY9eFVhNKxxCbBJtf2zjE:7LzykeXgcCllS3ZsXshN6xCbBJ48

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser data such as saved credentials, cookies, session tokens and autofill entries.

    • Registers COM server for autorun

    • Checks installed software on the system

      Reads entries under the registry Uninstall key (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node counterpart) to enumerate the software installed on the system, which is typically used for fingerprinting the host or detecting security products.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, and the DLL named in the CLSID's InprocServer32 key is loaded into the browser process at startup, which makes BHO registration both a persistence and a browser-interception mechanism.
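
The two COM-related signatures above (a BHO registration and a COM server registered for autorun) both leave their footprint as a CLSID that Explorer or Internet Explorer instantiates without user action. The following host-side triage script is an added example, not part of the sandbox report: it walks the BHO key plus two further Explorer COM autostart points (ShellExecuteHooks and ShellServiceObjectDelayLoad, which the report does not name but which are checked the same way), resolves each CLSID to its InprocServer32 DLL, and flags DLLs that are unsigned, live in a user-writable directory, or are served from a per-user CLSID that shadows the machine-wide one. The set of "suspicious" directories and the key list are assumptions chosen for illustration; run it in an elevated PowerShell on the host under triage.

```powershell
# Added triage script (not part of the sandbox report): list COM autostart
# registrations, resolve each CLSID to its InprocServer32 DLL and flag the
# ones worth a closer look. Key list and suspicious directories are assumed.
$ErrorActionPreference = 'SilentlyContinue'

# Autostart keys whose subkey names, value names or value data are CLSIDs
# that Explorer / Internet Explorer instantiate automatically.
$autostartKeys = @(
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects';              Kind = 'BHO';       Source = 'Subkey' },
    @{ Path = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'; Kind = 'BHO';       Source = 'Subkey' },
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks';                  Kind = 'ShellHook'; Source = 'ValueName' },
    @{ Path = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad';                 Kind = 'SSODL';     Source = 'ValueData' }
)

# CLSID roots, per-user first: a CLSID under HKCU\Software\Classes shadows
# the machine-wide one for that user, which is the classic COM hijack.
$clsidRoots = @(
    'HKCU:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\Classes\Wow6432Node\CLSID'
)

# Directories an unprivileged user can write to (assumed list); a COM server
# DLL loaded from one of these is a strong indicator.
$suspiciousDirs = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:PUBLIC, $env:ProgramData) | Where-Object { $_ }

function Resolve-InprocServer {
    param([string]$Clsid)
    foreach ($root in $clsidRoots) {
        $key = Join-Path $root "$Clsid\InprocServer32"
        if (Test-Path $key) {
            $raw = (Get-ItemProperty -Path $key).'(default)'
            if ($raw) {
                # Values are often quoted and may use %SystemRoot%-style variables.
                $dll = [Environment]::ExpandEnvironmentVariables($raw.Trim('"'))
                return [pscustomobject]@{ Key = $key; Dll = $dll }
            }
        }
    }
    return $null
}

function Get-ClsidsFromKey {
    param([hashtable]$Entry)
    if (-not (Test-Path $Entry.Path)) { return @() }
    switch ($Entry.Source) {
        'Subkey'    { return (Get-ChildItem -Path $Entry.Path | ForEach-Object { $_.PSChildName }) }
        'ValueName' { return (Get-Item -Path $Entry.Path).GetValueNames() }
        'ValueData' { $k = Get-Item -Path $Entry.Path; return ($k.GetValueNames() | ForEach-Object { $k.GetValue($_) }) }
    }
}

$findings = foreach ($entry in $autostartKeys) {
    foreach ($clsid in Get-ClsidsFromKey -Entry $entry) {
        if ($clsid -notmatch '^\{[0-9A-Fa-f-]{36}\}$') { continue }
        $server = Resolve-InprocServer -Clsid $clsid
        $dll    = if ($server) { $server.Dll } else { $null }
        $exists = $dll -and (Test-Path -LiteralPath $dll)
        $sig    = if ($exists) { (Get-AuthenticodeSignature -FilePath $dll).Status.ToString() } else { 'n/a' }
        $inUserDir = $false
        if ($dll) {
            foreach ($d in $suspiciousDirs) {
                if ($dll.StartsWith($d, [StringComparison]::OrdinalIgnoreCase)) { $inUserDir = $true }
            }
        }
        [pscustomobject]@{
            Kind         = $entry.Kind
            CLSID        = $clsid
            ServerKey    = if ($server) { $server.Key } else { '<unresolved>' }
            Dll          = if ($dll) { $dll } else { '<none>' }
            Exists       = [bool]$exists
            Signature    = $sig
            UserWritable = $inUserDir
            PerUserClsid = [bool]($server -and $server.Key -like 'HKCU:*')
        }
    }
}

# Most interesting rows first: user-writable DLL path, then per-user CLSID shadowing.
$findings | Sort-Object UserWritable, PerUserClsid -Descending | Format-Table -AutoSize
```

A row with UserWritable or PerUserClsid set to True, or Signature other than Valid, is the one to pull for comparison against the hashes at the top of this report; an <unresolved> ServerKey means the autostart entry points at a CLSID with no registered server, which is either leftover from an uninstall or a registration that was only partially written.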
