General

  • Target: af432fe545437c6157a8c9ef838a0b985ab62f6e20b0494d244c1c2906f80bff
  • Size: 2.5MB
  • Sample: 240601-2ezvaaha2y
  • MD5: ef6306b2d90307f4fea08ef1767d8d87
  • SHA1: 2445bcb08e7330c4516c1fe93ed8d58b31bf1f3b
  • SHA256: af432fe545437c6157a8c9ef838a0b985ab62f6e20b0494d244c1c2906f80bff
  • SHA512: 07e6bd8197568851ff0bde36354e90218b377ede0e1e78f732ae8e7f74ece3684fee8039bac17eba08792ddb4036e5c2fbf2607bc678290984ae07c212bae964
  • SSDEEP: 24576:gNBYdvTgBJ0o9kTdjHq8M2XKdDrGnrdEROGHOhkkQJCtHYX6kC/hRJHOh8Ck:gNBKq8KdDqnroHOHQhKJHOvk

Malware Config

Targets

    • Checks computer location settings
      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks