General

  • Target

    9d776b0b42807f95c502434d97838f8aa967824232d017d399e0cb0ed3763c08

  • Size

    745KB

  • Sample

    240515-mew13adb24

  • MD5

    258870af59a06ea894f808e7a92a9266

  • SHA1

    33f00151e6c7a5f90cfbae402e3d55f03d51421b

  • SHA256

    9d776b0b42807f95c502434d97838f8aa967824232d017d399e0cb0ed3763c08

  • SHA512

    435536ed5c6a2afcbec603961e9328be6bfdd5b20260464bc57b622f6c28dbd5f47ac9c27b1ff2bdfb3a236be08b717706536430476cbd9bfb9197e915bb5f8b

  • SSDEEP

    12288:bMfIC1YbyavhWf/ffTmIH8RRJysHXVfpdVRb1Jt8EtPXMBQlWxd3RWC0kv9g/Nzn:bMgCKbZh5yGHlfXbt8EtPz4d3oG9g/xs

Malware Config

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks