General

  • Target

    4c05449a1c96823573a67b69e85b4babc0243304ad75c7f0f18fa2b44b6ccf44

  • Size

    26KB

  • Sample

    240407-znh7saeb6z

  • MD5

    b5108bfc5e195c2a77f70de3ff7885d8

  • SHA1

    e0930fb7325d8b2dc7f70c3e6b1c2305ae7a1c46

  • SHA256

    4c05449a1c96823573a67b69e85b4babc0243304ad75c7f0f18fa2b44b6ccf44

  • SHA512

    da71a15a56cee69403beaf8c8643784cdcfa621c0dd62ada47c53e975f5df82ef08ebc7487e1eb60b979960556d6c6dc40a5c397d2405ae1f7034e0220dcead8

  • SSDEEP

    768:XkX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIoY:6KcR4mjD9r82J

Malware Config

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks