General

  • Target

    a7ea521dfa11433ef0d365a2fa5d8b87c1e2140b08e830ffbcef4fe45d808497

  • Size

    26KB

  • Sample

    240408-ahh76aag7t

  • MD5

    be0232bb04f5e25d80ee295894be7570

  • SHA1

    c1fb06fde6da5ac9fdb2321a8f0c2623f11088ea

  • SHA256

    a7ea521dfa11433ef0d365a2fa5d8b87c1e2140b08e830ffbcef4fe45d808497

  • SHA512

    6f35cd1bbd7bd89e9d115755973f3ac23a8748c38fabc15cfc32bac4128b0fcd628056f70f5da82f93a065c39bd6698c19a7e12928d980b03c4a10b33a54a96e

  • SSDEEP

    768:XkX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIoN:6KcR4mjD9r826

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
