General

  • Target

    99efa583e66941a2dd8c17d983876d4fe35de92e7be0b8d696c43580d129e1af

  • Size

    26KB

  • Sample

    240407-3q6mmsab2s

  • MD5

    8222cc29fdeb85cc5e71e5d2ba2cdc0e

  • SHA1

    467737c290a4db43806df42bcbdf4e37586a2f11

  • SHA256

    99efa583e66941a2dd8c17d983876d4fe35de92e7be0b8d696c43580d129e1af

  • SHA512

    5cbae650c63b1f8d10943a9925af881b8dbafd27305997a0450c21993c45c862ed84b934860955f938ea3bdeffc791470e391370d933b2bc071cf72e7d07bb71

  • SSDEEP

    768:XkX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIoT:6KcR4mjD9r82E

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
