General

  • Target

    8241635db2180caf24abe245b6568d6f2446e74f5345d19f920abb4d080ad798

  • Size

    2.6MB

  • Sample

    240407-2sm3mshb22

  • MD5

    365bb9c9a1c7054c28225584650d3647

  • SHA1

    96232c706831d88e8059f5fb9210cb19aecf5149

  • SHA256

    8241635db2180caf24abe245b6568d6f2446e74f5345d19f920abb4d080ad798

  • SHA512

    94f848ce60dd1a2012ff7401950456142a2670c6602124c7b0de7e94779e9249a59c2085624e7d67cf3122be7c33fe2c2eb8cc2e02f10a0776e2a81a0569f07b

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bS:sxX7QnxrloE5dpUpWb

Malware Config

Targets

    • Target

      8241635db2180caf24abe245b6568d6f2446e74f5345d19f920abb4d080ad798

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
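
The five behaviours listed above are sandbox signatures. As an added example (not part of the report and not the code of any sandbox), the Python below shows how those signatures can be derived by correlating a process trace: a file only counts as "dropped" once the trace has recorded its creation, so a later execution or image load of that path raises the corresponding signature, while a write into the Startup folder, a value set under a Run/RunOnce key, or a read of a browser credential store raise the others. The trace, the file paths and the event schema are constructed for illustration; the browser-store patterns (Chrome, Edge, Firefox) are an assumption about what an infostealer reads and are not taken from the report.

```python
import re

# Constructed sandbox-style trace (not taken from the report).  Event kinds
# loosely mirror Sysmon event types (ProcessCreate, FileCreate,
# RegistryValueSet, ImageLoad) plus a file-read event that an API-hook trace
# supplies but Sysmon does not.
SAMPLE_TRACE = [
    ("proc",       {"pid": 100, "image": r"C:\Users\victim\Downloads\invoice.exe"}),
    ("file_write", {"pid": 100, "path": r"C:\Users\victim\AppData\Roaming\svchelper\upd.exe"}),
    ("file_write", {"pid": 100, "path": r"C:\Users\victim\AppData\Roaming\svchelper\core.dll"}),
    ("file_write", {"pid": 100, "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
                                        r"\Start Menu\Programs\Startup\upd.lnk"}),
    ("reg_set",    {"pid": 100, "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\upd",
                    "value": r"C:\Users\victim\AppData\Roaming\svchelper\upd.exe"}),
    ("proc",       {"pid": 200, "ppid": 100, "image": r"C:\Users\victim\AppData\Roaming\svchelper\upd.exe"}),
    ("image_load", {"pid": 200, "image": r"C:\Users\victim\AppData\Roaming\svchelper\core.dll"}),
    ("file_read",  {"pid": 200, "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"}),
    ("file_read",  {"pid": 200, "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles"
                                        r"\abcd1234.default-release\logins.json"}),
]

# Constructed benign trace: a normal process writing a document.
BENIGN_TRACE = [
    ("proc",       {"pid": 300, "image": r"C:\Windows\System32\notepad.exe"}),
    ("file_write", {"pid": 300, "path": r"C:\Users\victim\Documents\notes.txt"}),
]

# Paths are lower-cased before matching, so the patterns are lower-case too.
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\")
# Sysmon reports the full value path, so the key ends in "\run\<valuename>".
RUN_KEY = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run(once)?\\")
# Assumed credential/cookie stores of Chromium-based browsers and Firefox.
BROWSER_DATA = re.compile(
    r"(\\google\\chrome\\user data\\.*\\(login data|cookies|web data|local state)$"
    r"|\\microsoft\\edge\\user data\\.*\\(login data|cookies|web data|local state)$"
    r"|\\mozilla\\firefox\\profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$)"
)


def norm(path):
    """Normalise a Windows path for comparison (case-insensitive file system)."""
    return path.lower()


def correlate(trace):
    """Return the sorted list of signature names the trace triggers.

    Events are processed in order: a path is only 'dropped' after a file_write
    for it has been seen, so executing or loading a pre-existing file does not
    count as executing/loading a dropped file.
    """
    hits = set()
    dropped = set()
    for kind, f in trace:
        if kind == "file_write":
            p = norm(f["path"])
            dropped.add(p)
            if STARTUP_DIR.search(p):
                hits.add("Drops startup file")
        elif kind == "proc":
            if norm(f["image"]) in dropped:
                hits.add("Executes dropped EXE")
        elif kind == "image_load":
            if norm(f["image"]) in dropped:
                hits.add("Loads dropped DLL")
        elif kind == "reg_set":
            if RUN_KEY.search(norm(f["key"])):
                hits.add("Adds Run key to start application")
        elif kind == "file_read":
            if BROWSER_DATA.search(norm(f["path"])):
                hits.add("Reads user/profile data of web browsers")
    return sorted(hits)


if __name__ == "__main__":
    for name, trace in (("sample", SAMPLE_TRACE), ("benign", BENIGN_TRACE)):
        print(name, correlate(trace))
```

Two caveats for anyone porting this to real telemetry: Sysmon records file creation, process creation, image loads and registry value sets, but not file reads, so the browser-data signature needs an API-hook or file-I/O ETW source; and the normalisation here is lower-casing only, so a sample that refers to the dropped file through an 8.3 short name, a junction or a different drive alias would slip past the "dropped" set unless paths are canonicalised first.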

MITRE ATT&CK Enterprise v15

Tasks