General

  • Target

    Remove-EdgeOnly.exe

  • Size

    7.7MB

  • Sample

    240511-fasphsgd99

  • MD5

    cd1abd6d55b99d7ca21bee6f4fdb2bc9

  • SHA1

    6f35466a981c223da67b0ba46f8bdd11057cc95c

  • SHA256

    33ba55d82eaab33a54fc34f1b8ce650a8f264a10295ed09d35548a5106780480

  • SHA512

    1b1bdf310434fc561bc6d2d676c25d2c2bb681a7132b8177f1f79f38151ff9f988e9943cf0158e28653544fcfd29cd8b4a8a896f766243a6d0c0b6469eac0276

  • SSDEEP

    196608:Q/8Olb2w9+L0YFqQxA10++MvJHDO6D3U/7F1g:Qplq5L0HQK1HnEzFa

Malware Config

Targets

    • Target

      Remove-EdgeOnly.exe


    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops desktop.ini file(s)

    • Target

      edge.pyc

    • Size

      10KB

    • MD5

      c56d0d6c0fb406df907e74b29558c5b1

    • SHA1

      4db2eb534a883220c339107fa91d17a137a5547b

    • SHA256

      9ff3649e09530732eb9ced6ed28220ef21f6f977e2ada7c0b91fe1df2b7195eb

    • SHA512

      0abd95592628277d0f063c95c7eda844b61b5d0209525767b040689016b8a9213ef9d189c439b474117aeff837b3d0a96aae4167667451fb13b80b9cfed0f7fb

    • SSDEEP

      192:dr4k8KWFpWmlK0V5F3lTwTES11WlKffCXaUvh+v68iX:R4GWKmlK0VZ2TM8aXRa6zX

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks