General

  • Target

    9fc746fecb1fe1bfe783fa6cbaf6f0a3564f2020b9dff4886017eda1c2e74d11

  • Size

    1.6MB

  • Sample

    240407-3zjt8saf22

  • MD5

    abc78c6f29f54e8937e595666b02522f

  • SHA1

    90180221e2ef3f69a2042670b980cb5df3655e26

  • SHA256

    9fc746fecb1fe1bfe783fa6cbaf6f0a3564f2020b9dff4886017eda1c2e74d11

  • SHA512

    294beb1434c7c7e41aa2ba3dd0275d54314e0c098e17858227bfa16a8d2bfb83cfc5f49032fcfacda65a5dd4cd0584346de1e349f652a91f0adf9473001d10c6

  • SSDEEP

    24576:oWo4h8UAB8/b2HKU5ZHZhORxBN062IVjy8dDljj2MYckzthMyCCP4ePQpL85nCoM:Vo08UAblb5h8FhNllK7MLs4twCoJXLQN

Malware Config

Targets

    • Detects executables containing possible sandbox analysis VM usernames

      Static indicator: the binary contains strings matching usernames commonly configured on analysis VMs, which suggests the sample compares the current username against a list before running its payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from particular regions.

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile files, which can hold saved credentials, cookies and session tokens.

    • Adds Run key to start application

      Writes a value under the CurrentVersion\Run registry key so the application is started again at logon.

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory.

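The behaviours listed above map directly onto detection rules. The following Python is an added example, not part of this sandbox report or the vendor's own signature logic: it runs simple rules over a constructed, flattened API-trace (field names `op`/`path` are an assumption, not a real trace schema) and adds the static string check for sandbox-style usernames with an assumed username list. All sample events and byte buffers are constructed for illustration.

```python
"""Triage constructed Windows API-trace events against the behaviours
listed in the report. Added example, not the report's or the sandbox
vendor's code. Event shape, field names and the username list are
assumptions chosen for illustration."""
import re
from collections import defaultdict

# Assumed minimal record shape: op in
#   regset | regquery | fileread | filecreate | dirquery
# and a Windows path or registry path. Real traces carry far more fields.

RUN_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# Locale/country lookups used for geofencing.
GEO_KEY = re.compile(
    r"\\Control Panel\\International\\|\\Control\\Nls\\Language", re.I)
BROWSER_DIR = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|Mozilla\\Firefox)\\", re.I)
BROWSER_FILE = re.compile(
    r"\\(Login Data|Web Data|Cookies|Local State|logins\.json|key4\.db)$", re.I)
DRIVE_ROOT = re.compile(r"^([A-Z]):\\$", re.I)
SYSTEM32 = re.compile(r"^C:\\Windows\\System32\\", re.I)


def classify(event):
    """Return the behaviour tag an event matches, or None if benign."""
    op, path = event["op"], event["path"]
    if op == "regset" and RUN_KEY.search(path):
        return "run_key_persistence"
    if op == "regquery" and GEO_KEY.search(path):
        return "geofence_locale_lookup"
    if op == "fileread" and BROWSER_DIR.search(path) and BROWSER_FILE.search(path):
        return "browser_profile_read"
    if op == "dirquery":
        m = DRIVE_ROOT.match(path)
        if m and m.group(1).upper() != "C":
            return "non_system_drive_enum"
    if op == "filecreate" and SYSTEM32.match(path):
        return "system32_file_drop"
    return None


def triage(events):
    """Group matching paths by behaviour tag."""
    hits = defaultdict(list)
    for ev in events:
        tag = classify(ev)
        if tag:
            hits[tag].append(ev["path"])
    return dict(hits)


# Assumed list of usernames commonly seen on analysis VMs; vendors keep
# their own, larger lists. Checked as ASCII and as UTF-16LE, since Windows
# binaries frequently store such strings as wide characters.
SANDBOX_USERNAMES = ["sandbox", "malware", "virus", "john doe",
                     "wdagutilityaccount", "maltest"]


def sandbox_username_strings(blob: bytes):
    """Static check: which listed usernames appear in the binary's bytes."""
    lowered = blob.lower()  # lowercases ASCII bytes only, which is what we need
    found = set()
    for name in SANDBOX_USERNAMES:
        if name.encode("ascii") in lowered or name.encode("utf-16-le") in lowered:
            found.add(name)
    return sorted(found)


# Constructed sample events resembling what the listed behaviours produce.
EVENTS = [
    {"op": "regquery", "path": r"HKCU\Control Panel\International\LocaleName"},
    {"op": "fileread",
     "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "fileread",
     "path": r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"},
    {"op": "regset", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"op": "dirquery", "path": "C:\\"},
    {"op": "dirquery", "path": "D:\\"},
    {"op": "filecreate", "path": r"C:\Windows\System32\svchost32.dll"},
    {"op": "fileread", "path": r"C:\Users\user\Documents\notes.txt"},  # benign
]

if __name__ == "__main__":
    for tag, paths in triage(EVENTS).items():
        print(tag, paths)
    # Constructed buffer with one wide and one ASCII username embedded.
    print(sandbox_username_strings(b"xx" + "John Doe".encode("utf-16-le") + b"\x00SANDBOX"))
```

The drive rule deliberately ignores C: so that ordinary program start-up does not trip it, and the browser rule requires both a known profile directory and a known credential or cookie store so that reads of a browser's cache do not count.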
MITRE ATT&CK Enterprise v15

Tasks