General

  • Target

    f49799d0fb08b3da2385cf1a0e4126dc53deebc08c10e83f9beeae2b2d4f4f36

  • Size

    3.3MB

  • Sample

    240406-e9efhabb83

  • MD5

    a0d3a0c789f0bdc16d03816e7f83191f

  • SHA1

    70194d3158c403bf5a097f16acfe8c6535f589fe

  • SHA256

    f49799d0fb08b3da2385cf1a0e4126dc53deebc08c10e83f9beeae2b2d4f4f36

  • SHA512

    2fcbf0bafff090f3aae8edffb30ac6f3b4766f0d736d2b638947431565be45944a74ba37388628dd5958cef8f52b74fcc976a858e0a756b6a8f550c275bfc614

  • SSDEEP

    49152:r3BKBUvdWJTy4nia5w32OvfZcvkuRdLHkJEANmsvHHu3e6ZU6CENlc7dpJLrQWd:+ni+w32+QDENms2O69CEN6rV

Score
7/10

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing (running only in, or avoiding, certain regions).

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar secrets.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks