General

  • Target

    ee1edb52e9b4f6e0d3f983e4f0b77c9bce3740dfd440b0edc43ad9004258ea06

  • Size

    82KB

  • Sample

    240406-ex5rxsba24

  • MD5

    8eb90142c4aa1db09ac4c2cc3e9a12b4

  • SHA1

    ec17d1aec10972c8528b626d3ea65dd6c80ec8b0

  • SHA256

    ee1edb52e9b4f6e0d3f983e4f0b77c9bce3740dfd440b0edc43ad9004258ea06

  • SHA512

    39c659fedb53285276d3d2e1564b37484d0829801f62c2faca13e4e1b953cc39b8eebb22c894ecbf583b896eb9572db7901f00cf0bf12e7735a9c9beeca9a098

  • SSDEEP

    768:XqNK2cNW0QbRsWjcd+6yBFLqJ4Z8qx70RM8/O/B2ZR1RGn8NIoJtR+beoI:scNjQlsWjcd+xzl7SM+Gn82i+beoI

Malware Config

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers routinely read browser profile stores (saved credentials, cookies, autofill data and session tokens) from the user's profile directory.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer.

    • Adds Run key to start application

      Writes a value under an HKCU or HKLM ...\Software\Microsoft\Windows\CurrentVersion\Run key so the payload is relaunched at every logon (persistence, ATT&CK T1547.001 Registry Run Keys / Startup Folder).
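Two of the signatures above, "UPX packed file" and "Adds Run key to start application", are cheap to reproduce outside the sandbox: the first from the PE section table of the sample, the second from registry SetValue telemetry. The script below is an added example written for this page, not tria.ge code or the sample's own logic. It builds a constructed, non-executable PE skeleton to exercise the section parser, and it parses constructed log lines whose field names (EventID, Image, TargetObject, Details) are modelled on Sysmon Event ID 13; both inputs are fabricated test data, not output from this sample.

```python
"""Static UPX indicators and Run-key persistence detection (added example)."""
import re
import struct

# --- Part 1: UPX indicators from a PE section table -------------------------

COFF_FMT = "<HHIIIHH"          # Machine, NumberOfSections, TimeDateStamp,
                               # PointerToSymbolTable, NumberOfSymbols,
                               # SizeOfOptionalHeader, Characteristics
SECTION_FMT = "<8sIIIIIIHHI"   # IMAGE_SECTION_HEADER, 40 bytes
UPX_SECTION_RE = re.compile(r"^UPX\d$")
UPX_MAGIC = b"UPX!"            # magic UPX stores in its own header block


def build_fake_pe(section_names, extra=b""):
    """Constructed test data: minimal MZ/PE skeleton with the given section
    names and no optional header. Not executable; it only feeds the parser."""
    e_lfanew = 0x40
    mz = b"MZ" + b"\x00" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack(COFF_FMT, 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(
        struct.pack(SECTION_FMT, n.encode().ljust(8, b"\x00"), 0, 0, 0, 0, 0, 0, 0, 0, 0)
        for n in section_names
    )
    return mz + b"PE\x00\x00" + coff + sections + extra


def pe_section_names(data):
    """Walk the PE section table and return the section names."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("missing PE signature")
    coff = struct.unpack_from(COFF_FMT, data, e_lfanew + 4)
    nsections, opt_size = coff[1], coff[5]
    table = e_lfanew + 4 + struct.calcsize(COFF_FMT) + opt_size
    names = []
    for i in range(nsections):
        raw = struct.unpack_from(SECTION_FMT, data, table + i * struct.calcsize(SECTION_FMT))[0]
        names.append(raw.rstrip(b"\x00").decode("ascii", "replace"))
    return names


def upx_indicators(data):
    """UPX0/UPX1 section names plus the 'UPX!' magic. Modified UPX builds
    often rename sections, so the magic is checked independently; either
    indicator alone is a hint, not proof."""
    hits = [n for n in pe_section_names(data) if UPX_SECTION_RE.match(n)]
    magic = UPX_MAGIC in data
    return {"upx_sections": hits, "upx_magic": magic, "likely_upx": bool(hits) or magic}


# --- Part 2: Run-key persistence from registry SetValue telemetry -------------

RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.IGNORECASE)
KV_RE = re.compile(r"(\w+)=(\S+)")   # simplification: values contain no spaces

# Constructed Sysmon-style records (ID 12 = key create, ID 13 = value set).
SAMPLE_REGISTRY_EVENTS = [
    "EventID=13 Image=C:\\Windows\\explorer.exe "
    "TargetObject=HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden "
    "Details=DWORD(0x00000001)",
    "EventID=13 Image=C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe "
    "TargetObject=HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater "
    "Details=C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe",
    "EventID=12 Image=C:\\Users\\victim\\AppData\\Local\\Temp\\update.exe "
    "TargetObject=HKU\\S-1-5-21-1-2-3-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run",
]


def run_key_persistence(events):
    """Flag SetValue events that write a named value under Run/RunOnce,
    reporting the writing image and the command that will autostart."""
    alerts = []
    for line in events:
        fields = dict(KV_RE.findall(line))
        if fields.get("EventID") != "13":
            continue   # creating the key (ID 12) is not yet persistence
        target = fields.get("TargetObject", "")
        if RUN_KEY_RE.search(target):
            alerts.append({"image": fields.get("Image"), "key": target,
                           "command": fields.get("Details")})
    return alerts


if __name__ == "__main__":
    print(upx_indicators(build_fake_pe(["UPX0", "UPX1", ".rsrc"])))
    print(upx_indicators(build_fake_pe([".text", ".data", ".rsrc"])))
    for alert in run_key_persistence(SAMPLE_REGISTRY_EVENTS):
        print("Run-key persistence:", alert)
```

The "UPX dump on OEP" signature is the dynamic counterpart of part 1: the sandbox lets the stub unpack itself and captures the image once execution reaches the original entry point, which is why the static check only needs to say whether unpacking is worth attempting. For a real sample, replace `build_fake_pe(...)` with the bytes of the file and feed real Event ID 13 records into `run_key_persistence`; the Run-key match stays useful as a hunting rule because the Details field names the dropped EXE that will autostart.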

MITRE ATT&CK Enterprise v15

Tasks