General

  • Target

    e036ad1fe55cdbf1033e28521e39488c7b591fcdeac7778a4565c0927da5d662

  • Size

    163KB

  • Sample

    240407-ypzeqada3z

  • MD5

    ff852c6f60f2be0d44c01ee585d94bad

  • SHA1

    1798667029690d25851e4528b689a81b92eda8bc

  • SHA256

    e036ad1fe55cdbf1033e28521e39488c7b591fcdeac7778a4565c0927da5d662

  • SHA512

    01e891c71dd6814661e3ef8036fc6e3a51b4a06119decbf55b40f7a109c7b4a2b9ccb92de15c2a07ab59859f1b502051f908d27be530792e1c2f932a42e008f5

  • SSDEEP

    3072:PVaY46tGNttyJQ7KREQekqnwLD9m0WjfuRRfEdj4E3f90bC:346tGdySQek9if1Vv+W

Score
8/10

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks