General

  • Target

    48710bafe32e2db7c533737d887ad136e32d415c3d118abea1bdc472d6c64da3

  • Size

    266KB

  • Sample

    240407-zjct7sea6s

  • MD5

    06be138ad45b732109472890f1851a85

  • SHA1

    0df5fccc5023bc5ebb65bcf50b074bf7a1bf7d29

  • SHA256

    48710bafe32e2db7c533737d887ad136e32d415c3d118abea1bdc472d6c64da3

  • SHA512

    35644a8b361c1a049361cc180f725947118e4618fd75568dbed7e4afde1860fafae0ce5659261a609aa67440efe6bf8a14db4aa8b0d12aa30400295b5457a563

  • SSDEEP

    6144:bi8vymQ3xs3NBBi5TsWEyiBfy2SgOROo7A4NAyoMZZPThpZ:bixi9BA5QbJ98d7A4NMMZZ1pZ

Malware Config

Targets

    • Target

      48710bafe32e2db7c533737d887ad136e32d415c3d118abea1bdc472d6c64da3

    • Detects executables containing possible sandbox analysis VM usernames

      The binary embeds usernames commonly used on analysis VMs, which suggests a check that exits or changes behaviour when it finds itself running under a sandbox.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence: the sample can use it to refuse to run in specific countries.

    • Reads user/profile data of web browsers

      Infostealers target stored browser data, which can include saved credentials, cookies, autofill entries and session tokens.

    • Adds Run key to start application

      Writes a value under the registry Run key (HKCU or HKLM ...\Software\Microsoft\Windows\CurrentVersion\Run) so the program is launched again at logon; this is a persistence mechanism.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

      Writes a file into the Windows System32 directory, which ordinarily requires administrative rights and is a common place to stage a component that looks legitimate.
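
The signatures above are the sandbox's own behavioural rules; the script below is an added example, not part of the report or the sandbox engine, that re-derives five of them from a constructed API trace and adds a static counterpart to the sandbox-username check. The API names, paths, the event list, the sample bytes and the short username list are illustrative assumptions, not data from this sample.

```python
"""Re-derive the report's behaviour signatures over a constructed event trace.

Added example, not output of the sandbox that produced the report. API names,
paths, SAMPLE_BYTES and SANDBOX_USERNAMES are illustrative assumptions.
"""
import re

# Constructed sandbox-style trace: (API, principal argument). Not the report's own trace.
EVENTS = [
    ("RegOpenKeyExW",        "HKEY_CURRENT_USER\\Control Panel\\International\\Geo"),
    ("RegQueryValueExW",     "HKEY_CURRENT_USER\\Control Panel\\International\\Geo\\Nation"),
    ("NtCreateFile",         "C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"),
    ("NtCreateFile",         "C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\x1.default\\logins.json"),
    ("RegSetValueExW",       "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"),
    ("GetLogicalDrives",     ""),
    ("NtQueryDirectoryFile", "D:\\"),
    ("NtQueryDirectoryFile", "E:\\"),
    ("NtCreateFile",         "C:\\Windows\\System32\\helper.dll"),   # hypothetical file name
    ("NtCreateFile",         "C:\\Users\\user\\Desktop\\notes.txt"),  # benign, must not match
]


def _geo_lookup(api, arg):
    # GetUserGeoID() is backed by HKCU\Control Panel\International\Geo\Nation;
    # a direct read of that value is the tell for a geofence check.
    return api.startswith("RegQueryValue") and arg.lower().endswith(
        "\\control panel\\international\\geo\\nation")


def _browser_data(api, arg):
    # Credential and cookie stores of Chromium-based browsers and Firefox.
    return api == "NtCreateFile" and re.search(
        r"\\(login data|cookies|web data|logins\.json|key4\.db)$", arg, re.I) is not None


def _run_key(api, arg):
    return api.startswith("RegSetValue") and \
        "\\software\\microsoft\\windows\\currentversion\\run\\" in arg.lower()


def _drive_enum(api, arg):
    # Either the API that lists drive letters, or reading the root of any drive other than C:.
    return api == "GetLogicalDrives" or (
        api == "NtQueryDirectoryFile" and re.fullmatch(r"[abd-z]:\\", arg, re.I) is not None)


def _system32_drop(api, arg):
    return api == "NtCreateFile" and arg.lower().startswith("c:\\windows\\system32\\")


RULES = {
    "Checks computer location settings": _geo_lookup,
    "Reads user/profile data of web browsers": _browser_data,
    "Adds Run key to start application": _run_key,
    "Enumerates connected drives": _drive_enum,
    "Drops file in System32 directory": _system32_drop,
}


def match_signatures(events):
    """Return {signature name: [matching events]} for every rule with at least one hit."""
    hits = {}
    for api, arg in events:
        for name, rule in RULES.items():
            if rule(api, arg):
                hits.setdefault(name, []).append((api, arg))
    return hits


# Illustrative usernames only; a real signature carries a much longer list.
SANDBOX_USERNAMES = ("sandbox", "malware", "virus", "cuckoo", "john doe")


def scan_for_sandbox_usernames(data: bytes):
    """Static counterpart of the 'sandbox analysis VM usernames' signature:
    search the bytes as ASCII and as UTF-16LE at both byte alignments."""
    haystacks = [data.decode("latin-1").lower()]
    for off in (0, 1):
        haystacks.append(data[off:].decode("utf-16-le", errors="ignore").lower())
    return sorted({u for u in SANDBOX_USERNAMES if any(u in h for h in haystacks)})


# Constructed bytes standing in for an executable; the real sample is not reproduced here.
SAMPLE_BYTES = (b"MZ\x90\x00" + b"\x00" * 16
                + b"C:\\Users\\sandbox\\Desktop\\"          # ASCII hit
                + b"\x00\x00" + "cuckoo".encode("utf-16-le")  # UTF-16LE hit at an odd offset
                + b"\x00" * 8)

if __name__ == "__main__":
    for name, evs in match_signatures(EVENTS).items():
        print(f"{name}: {len(evs)} event(s)")
    print("sandbox usernames:", scan_for_sandbox_usernames(SAMPLE_BYTES))
```

Run it as-is to see the five signatures fire on the constructed trace and the username scan report both the ASCII and the misaligned UTF-16 string. Real sandbox traces record many more argument forms (NT object paths, handle-based reads, WOW64 redirection), so the matchers above are starting points for a triage script, not a replacement for the sandbox's signatures.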

MITRE ATT&CK Enterprise v15

Tasks