General

  • Target

    7f5a929a4f2afb5a48d0235cc68637d9.exe

  • Size

    7.2MB

  • Sample

    240601-ey8j7shg5z

  • MD5

    7f5a929a4f2afb5a48d0235cc68637d9

  • SHA1

    a472f8e602a2befca859f7eff845a7b8a16de5c6

  • SHA256

    31ddb8be2897f4797e5245b1caff2d724007795428a4ec6877e2fbd7ab40474c

  • SHA512

    0113b16a02b543491298102ab28dcfb02b8e6f551fb6b5af632c09dfd1b95369dcf0c5877270bdbd0e95b6a13f695c70b0eacc96b6b449e6c1520f26ce75fa2e

  • SSDEEP

    196608:91O1axiL+pzGp6MqYC6vREoZSs4dfH9boWuNQQAnfLVbge0:3OEi6W6MqY5v2odIfdbKNOfLtD0

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • Windows security bypass

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell with its display window hidden.

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandbox environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks