General

  • Target

    1ea1e1510ecd0ace7823c1328506a006d80c2aeeb8f2b22743652954dde45e81

  • Size

    286KB

  • Sample

    240407-xwqwgscc85

  • MD5

    a80e84dc3523182d345ac152f1bb2fcc

  • SHA1

    7a05796b6bd12f1fd1ac4a78df2ddb08553fc11a

  • SHA256

    1ea1e1510ecd0ace7823c1328506a006d80c2aeeb8f2b22743652954dde45e81

  • SHA512

    3fb2ef2720ffbc4c75734994f4aead9ba1663ab14a9cd9d5a2b44c1af2e0ac0e266fb7f7af9dd14a9acfd3159ab3b5aefb0525e29746eac73696cd53a7bcd441

  • SSDEEP

    6144:ztvBPnU1b7e9SQii1EkoNlhlrQ2ZrM2xg/8NP/zwRJe7U8d9wP:Zv1nWdQP1EDhZPxg/8Z/Z7U8dSP

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to (or away from) particular locales.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application
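
The signatures above are behavioural: each one is a rule over what the sample did at runtime (registry reads and writes, file drops, process and module loads). The block below is an added example, written for this page and not code from the sandbox vendor, showing how the same five signatures can be reproduced as stateful detection logic over EDR-style telemetry. The event records, paths and the `triage` function are constructed for illustration; the ATT&CK technique IDs in `TECHNIQUE` are the standard Enterprise mappings for those three behaviours and are supplied here as the analyst's own annotation, since the report's ATT&CK section is empty.

```python
import re
from collections import defaultdict

# Registry paths a locale/geofence check reads (GetUserDefaultLCID-style lookups).
LOCALE_KEYS = re.compile(r"\\Control Panel\\International\\|\\Control\\Nls\\Language\\", re.I)
# Classic autostart persistence location (HKCU or HKLM, Run and RunOnce).
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
# Browser credential/profile stores (Chromium and Firefox file names).
BROWSER_DATA = re.compile(r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.I)

# ATT&CK Enterprise technique IDs for the signatures they map to (analyst-supplied).
TECHNIQUE = {
    "Checks computer location settings": "T1614.001",
    "Adds Run key to start application": "T1547.001",
    "Reads user/profile data of web browsers": "T1555.003",
}

# Constructed telemetry for illustration; these are NOT the sandbox's own events.
# Each record: what happened, the acting process, and the object it touched.
SAMPLE_EVENTS = [
    {"type": "file_create", "image": r"C:\Users\u\Downloads\invoice.exe",
     "target": r"C:\Users\u\AppData\Local\Temp\svc.exe"},
    {"type": "file_create", "image": r"C:\Users\u\Downloads\invoice.exe",
     "target": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    {"type": "reg_query", "image": r"C:\Users\u\Downloads\invoice.exe",
     "target": r"HKCU\Control Panel\International\LocaleName"},
    {"type": "process_create", "image": r"C:\Users\u\Downloads\invoice.exe",
     "target": r"C:\Users\u\AppData\Local\Temp\svc.exe"},
    {"type": "image_load", "image": r"C:\Users\u\AppData\Local\Temp\svc.exe",
     "target": r"C:\Users\u\AppData\Local\Temp\helper.dll"},
    {"type": "file_read", "image": r"C:\Users\u\AppData\Local\Temp\svc.exe",
     "target": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "reg_set", "image": r"C:\Users\u\AppData\Local\Temp\svc.exe",
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc",
     "details": r"C:\Users\u\AppData\Local\Temp\svc.exe"},
    # Benign module load by explorer.exe: must not trigger anything.
    {"type": "image_load", "image": r"C:\Windows\explorer.exe",
     "target": r"C:\Windows\System32\kernel32.dll"},
]


def triage(events):
    """Replay a trace and return {signature_name: [matching events]}.

    'Dropped' is stateful: a file only counts as dropped if an earlier
    file_create event in the same trace wrote it, so executing or loading
    a pre-existing system binary does not fire the dropped-EXE/DLL rules.
    """
    dropped = set()            # normalised paths written during this trace
    hits = defaultdict(list)
    for ev in events:
        kind, target = ev["type"], ev["target"]
        key = target.lower()
        if kind == "file_create":
            dropped.add(key)
        elif kind == "process_create" and key in dropped:
            hits["Executes dropped EXE"].append(ev)
        elif kind == "image_load" and key in dropped and key.endswith(".dll"):
            hits["Loads dropped DLL"].append(ev)
        elif kind == "reg_query" and LOCALE_KEYS.search(target):
            hits["Checks computer location settings"].append(ev)
        elif kind == "reg_set" and RUN_KEY.search(target):
            hits["Adds Run key to start application"].append(ev)
        elif kind == "file_read" and BROWSER_DATA.search(target):
            hits["Reads user/profile data of web browsers"].append(ev)
    return dict(hits)


def report(events):
    """Render fired signatures with their ATT&CK IDs, one line per signature."""
    lines = []
    for name, evs in sorted(triage(events).items()):
        tid = TECHNIQUE.get(name, "-")
        lines.append(f"[{tid}] {name}: {len(evs)} event(s)")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_EVENTS):
        print(line)
```

The ordering matters: the Run key write and the browser read both come from the dropped child, so an analyst pivoting on `image` can see that the downloader itself only did the locale check and the drop, while the stage-two binary is the one that persists and steals.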

MITRE ATT&CK Enterprise v15

Tasks