General

  • Target

    2f38841d7eaedb9cd61f2db5a31a08653684e6083d4ae9a2c383d38ce2fae6c0

  • Size

    276KB

  • Sample

    240407-yjz43adc22

  • MD5

    5f982f95a3b1529f43d3b1150c4b4489

  • SHA1

    9d1ec5115b2ec1ee79cbc0cb2cc470a75049ea31

  • SHA256

    2f38841d7eaedb9cd61f2db5a31a08653684e6083d4ae9a2c383d38ce2fae6c0

  • SHA512

    7c568a2e2d9bc19d19aab93f9302f0d133890445a41d281ecfe885c4128dc012da9264c5809672f5a09ff96c108c922dd382a6164d343f69274eb086cfe554c4

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YxVPAAIFE6:9n8yN0Mr8Qk6

Targets

    • Target

      2f38841d7eaedb9cd61f2db5a31a08653684e6083d4ae9a2c383d38ce2fae6c0

    • UPX dump on OEP (original entry point): the sample is UPX-packed, and the unpacked image was dumped once execution reached the original entry point

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
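
The signatures above are what the sandbox reports after the run; the same behaviours can be flagged from endpoint telemetry. The block below is an added example, not part of this report and not the sandbox's own detection logic: it runs a small detection pass over constructed Sysmon-style events (ProcessCreate, ImageLoad, FileCreate, RegistryValueSet). The event field names, the dropped-file paths and the "FileRead" event type (standing in for EDR file-access telemetry, since Sysmon does not log file reads) are assumptions.

```python
import re
from collections import OrderedDict

# Registry values under HKCU/HKLM ...\CurrentVersion\Run or RunOnce start a
# program at logon; matching on the key path catches both hives.
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE
)

# Files that hold saved browser credentials and cookies (Chromium profile
# stores and the Firefox logins/key database).
BROWSER_DATA_RE = re.compile(
    r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db)$", re.IGNORECASE
)

# Constructed telemetry (assumption: not from the sandbox run above). Event
# types are modelled on Sysmon IDs 1, 7, 11 and 13; "FileRead" is an assumed
# EDR event type because Sysmon has no file-read event.
SAMPLE = (
    "C:\\Users\\user\\Desktop\\"
    "2f38841d7eaedb9cd61f2db5a31a08653684e6083d4ae9a2c383d38ce2fae6c0.exe"
)
TEMP = "C:\\Users\\user\\AppData\\Local\\Temp\\"
RUN_KEY = "HKU\\S-1-5-21-111-222-333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\"
EVENTS = [
    {"event": "ProcessCreate", "pid": 1234, "ppid": 600, "image": SAMPLE},
    {"event": "FileCreate", "pid": 1234, "target": TEMP + "svchost.exe"},
    {"event": "FileCreate", "pid": 1234, "target": TEMP + "helper.dll"},
    {"event": "ProcessCreate", "pid": 1300, "ppid": 1234, "image": TEMP + "svchost.exe"},
    {"event": "ImageLoad", "pid": 1300, "image_loaded": TEMP + "helper.dll"},
    {"event": "ImageLoad", "pid": 1300, "image_loaded": "C:\\Windows\\System32\\kernel32.dll"},
    {"event": "FileRead", "pid": 1300,
     "target": "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"},
    {"event": "RegistryValueSet", "pid": 1300, "target": RUN_KEY + "Run\\svchost"},
    # Benign registry write and a non-dropped binary: must not trigger anything.
    {"event": "RegistryValueSet", "pid": 1300, "target": RUN_KEY + "Explorer\\Advanced\\Hidden"},
    {"event": "ProcessCreate", "pid": 1400, "ppid": 1300, "image": "C:\\Windows\\System32\\cmd.exe"},
]


def detect(events):
    """Return (signature, evidence) tuples in the order they trigger.

    "Dropped" means the path was written by an earlier FileCreate in the same
    event stream; executing or loading such a path is what the sandbox's
    "Executes dropped EXE" / "Loads dropped DLL" signatures describe.
    """
    dropped = {}  # lower-cased path -> pid that wrote it (kept for attribution)
    findings = []
    for ev in events:
        kind = ev["event"]
        if kind == "FileCreate":
            dropped[ev["target"].lower()] = ev["pid"]
        elif kind == "ProcessCreate" and ev["image"].lower() in dropped:
            findings.append(("Executes dropped EXE", ev["image"]))
        elif kind == "ImageLoad" and ev["image_loaded"].lower() in dropped:
            findings.append(("Loads dropped DLL", ev["image_loaded"]))
        elif kind == "RegistryValueSet" and RUN_KEY_RE.search(ev["target"]):
            findings.append(("Adds Run key to start application", ev["target"]))
        elif kind == "FileRead" and BROWSER_DATA_RE.search(ev["target"]):
            findings.append(("Reads user/profile data of web browsers", ev["target"]))
    return findings


def triggered_signatures(events):
    """Distinct signature names, in first-trigger order."""
    return list(OrderedDict.fromkeys(sig for sig, _ in detect(events)))


if __name__ == "__main__":
    for sig, evidence in detect(EVENTS):
        print(f"{sig}: {evidence}")
```

Keying "dropped" on the full lower-cased path is deliberate: Windows paths are case-insensitive, and the sample in the constructed stream drops a binary named svchost.exe into Temp, so matching on file name alone would collide with the real System32\svchost.exe.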

MITRE ATT&CK Enterprise v15
