General

  • Target

    dc1bc516d598804e9750430c12bc59aff28eb5020c8574f24fba72ba48aedf27

  • Size

    2.7MB

  • Sample

    240526-ebct1sdf9s

  • MD5

    1c73a6b1b6f4c33bdbded9eaf8f5922e

  • SHA1

    d28e9a417d9ca752aefb6bc1b4b4d43d6a224627

  • SHA256

    dc1bc516d598804e9750430c12bc59aff28eb5020c8574f24fba72ba48aedf27

  • SHA512

    8cfc59082db2e6e7a56d2d55146f25f77beaa8624d205e77915e6430622dc38a68fd47da7d2138d626214748308d21fbc7eee034728d751646679dc6fc290507

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBq9w4Sx:+R0pI/IQlUoMPdmpSps4

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing (the sample decides whether to run based on the victim's locale).

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

    • Adds Run key to start application
