General

  • Target

    a989a1103f3c28430fb47cbb435fde1932812462f5cef76ad3768bcb5725dadf

  • Size

    378KB

  • Sample

    240408-ajmxqsah2w

  • MD5

    a587ef15ad369e5a07a4445bb64b3757

  • SHA1

    efad0d841662fc2804d91b6471ffb5d357f16366

  • SHA256

    a989a1103f3c28430fb47cbb435fde1932812462f5cef76ad3768bcb5725dadf

  • SHA512

    4aa19153755f8f055939fcf93b2251c970051e9c760f939854487ae36c7a1dfa008967b69c783d4b154a9187a65d74edf6679a6257c886ecc9eb76d6c03d06f5

  • SSDEEP

    6144:ztvBPnU1b7e9SQii1EkoNlhlrQ2ZrM2x6++wtdsnkbjvnMUP/cw978jOpD92WRr:Zv1nWdQP1EDhZPxDJ3oUb7xySr

Targets

    • Target

      a989a1103f3c28430fb47cbb435fde1932812462f5cef76ad3768bcb5725dadf

    • Checks computer location settings

      Reads the country or locale code configured in the registry. This is a common geofence check: the sample can refuse to run, or change behaviour, on machines in regions the operator wants to avoid.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile files (saved logins, cookies, autofill data), which can yield account credentials and live session tokens.

    • Adds Run key to start application

      Writes a value under a Run registry key so the payload is started again at logon (persistence).
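
The three behaviours above (the registry locale lookup, the browser profile reads and the Run-key write) are the ones a detection engineer would want to catch on an endpoint. The following is an added example, not part of the sandbox report or its tooling: a small classifier run over constructed endpoint telemetry. The JSON event schema, the process name dropped.exe, the file paths and the exact registry locations checked for the geofence are assumptions made for illustration; the report does not name the value the sample reads.

```python
"""Flag the report's three behaviours (geofence lookup, browser credential
store access, Run-key persistence) in a stream of endpoint telemetry.

Added example; the event schema and the sample lines below are constructed
and do not come from the sandbox report.
"""
import json
import re

# Registry locations commonly read to learn the configured country/locale.
# Assumption: the report only says "country code in the registry"; these are
# the usual places, not the value the sample was observed reading.
GEO_KEY_RE = re.compile(
    r"\\Control Panel\\International(\\Geo)?(\\(Nation|sCountry|LocaleName))?$",
    re.IGNORECASE,
)
# Autostart location named by the "Adds Run key" signature.
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE
)
# Browser profile files holding saved logins/cookies (Chromium and Firefox).
BROWSER_DATA_RE = re.compile(
    r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db)$", re.IGNORECASE
)
# Browsers are expected to read their own profile; anything else is suspect.
BROWSER_PROCS = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}


def classify(event):
    """Return the report signature an event matches, or None.

    event: dict with 'op' (reg_query | reg_set | file_read), 'proc' (image
    name) and 'target' (registry path or file path). Constructed schema.
    """
    op, proc, target = event["op"], event["proc"].lower(), event["target"]
    if op == "reg_query" and GEO_KEY_RE.search(target):
        return "Checks computer location settings"
    if op == "reg_set" and RUN_KEY_RE.search(target):
        return "Adds Run key to start application"
    if (op == "file_read" and BROWSER_DATA_RE.search(target)
            and proc not in BROWSER_PROCS):
        return "Reads user/profile data of web browsers"
    return None


def scan(lines):
    """Parse JSON event lines and return {signature: [process, ...]}."""
    hits = {}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        sig = classify(ev)
        if sig:
            hits.setdefault(sig, []).append(ev["proc"])
    return hits


# Constructed telemetry: one dropped binary doing all three things, plus two
# benign events (a browser reading its own profile, explorer.exe reading an
# unrelated locale value) that must not fire.
SAMPLE_EVENTS = r'''
{"op": "reg_query", "proc": "dropped.exe", "target": "HKCU\\Control Panel\\International\\Geo\\Nation"}
{"op": "file_read", "proc": "chrome.exe", "target": "C:\\Users\\u\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"op": "file_read", "proc": "dropped.exe", "target": "C:\\Users\\u\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"op": "reg_set", "proc": "dropped.exe", "target": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"}
{"op": "reg_query", "proc": "explorer.exe", "target": "HKCU\\Control Panel\\International\\sLanguage"}
'''

if __name__ == "__main__":
    for sig, procs in scan(SAMPLE_EVENTS.splitlines()).items():
        print(f"{sig}: {', '.join(procs)}")
```

The process allow-list on the browser rule is the part worth tuning: password managers and backup agents legitimately touch these files, and the registry rule only makes sense on telemetry that records registry reads (Sysmon logs value writes, not queries, so the geofence check needs object-access auditing or an EDR that captures reads).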

MITRE ATT&CK Enterprise v15
