General

  • Target

    4d59a7739f15c17f144587762447d5abb81c01f16224a3f7ce5897d1b6f7ee77

  • Size

    1.2MB

  • Sample

    240410-mydntsgb3y

  • MD5

    167ac4792548676f7e9b648a5c4b5546

  • SHA1

    90ef8db9cea3d981535659c4fa6b1476744b3834

  • SHA256

    4d59a7739f15c17f144587762447d5abb81c01f16224a3f7ce5897d1b6f7ee77

  • SHA512

    c82120d3075ddcdde8b1450400a051a6552ac11c2aaff768a6985540adf4dc03025c695fda122f9489d5cd532997a6c00c68fe4e2178efbfc7d3fd97363eaba3

  • SSDEEP

    24576:pREbrBR0183uh7E6r5Q7AaJBo3QXerYfro:pGP01CuDNQ7AaJB9MiM

Malware Config

Targets

    • Target

      4d59a7739f15c17f144587762447d5abb81c01f16224a3f7ce5897d1b6f7ee77

    • Size

      1.2MB

    • MD5

      167ac4792548676f7e9b648a5c4b5546

    • SHA1

      90ef8db9cea3d981535659c4fa6b1476744b3834

    • SHA256

      4d59a7739f15c17f144587762447d5abb81c01f16224a3f7ce5897d1b6f7ee77

    • SHA512

      c82120d3075ddcdde8b1450400a051a6552ac11c2aaff768a6985540adf4dc03025c695fda122f9489d5cd532997a6c00c68fe4e2178efbfc7d3fd97363eaba3

    • SSDEEP

      24576:pREbrBR0183uh7E6r5Q7AaJBo3QXerYfro:pGP01CuDNQ7AaJB9MiM

    • OutSteel

      OutSteel is a file uploader and document stealer written in AutoIT.

    • OutSteel batch script

      Detects batch script dropped by OutSteel

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks