General

  • Target

    2beb6ff0add633b2dfc2d9ea1cc256a9.bin

  • Size

    681KB

  • Sample

    240602-bdhaqsdh55

  • MD5

    2beb6ff0add633b2dfc2d9ea1cc256a9

  • SHA1

    0c48c4d4af3dc64b5cdd0f529b8b26c64e2fff5f

  • SHA256

    d458914d2c3439db46d42c11752b70b896b0a89c9095e0a66baea7a667f3bb5c

  • SHA512

    bb2cd490551e3d51bf1edee2c3d3b1ddbdd6be7bf58915cd4b369f09aedaf3f38c8947bf32906f409ea8fddade0a52db422abe32b0a63605093cbd9009adf671

  • SSDEEP

    12288:Tid9xszLBMcdyJ+n9sYxQmxESnqXTNiLJduqwjv4qPVCxM5NB8WbLKzUC:Ots/ucdyC3xQ+BqZqJHw59yPs

Malware Config

Targets

    • Target

      2beb6ff0add633b2dfc2d9ea1cc256a9.bin

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

      Rewriting the register context of a thread in another process is characteristic of process hollowing and similar injection techniques, where a suspended process's thread is pointed at attacker-supplied code before it is resumed.
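To make the four behavioural signatures above concrete, here is an added example of how such signatures are matched against a user-mode API trace. This is illustration code, not the sandbox's detection engine and not code from the sample; the signature names are the ones listed in this report, while the API names, path and registry-key patterns, and the trace itself are constructed assumptions.

```python
"""Toy behavioural-signature matcher over a user-mode API trace.

Added example for this report: it is not the sandbox's own detection engine.
The signature names are the four listed in the report; the API names, path
patterns and the trace itself are constructed assumptions for illustration.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field


@dataclass
class ApiCall:
    """One hooked API call as a sandbox might log it (constructed shape)."""
    pid: int
    api: str
    args: dict = field(default_factory=dict)


# Browser profile directories whose files (Login Data, Cookies, key4.db ...)
# hold saved credentials and session material.
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)
# Common desktop-wallet data directories and the classic Bitcoin Core wallet file.
WALLET_DATA = re.compile(
    r"\\(Exodus|Electrum|Ethereum\\keystore|Bitcoin|Armory|Coinomi)\\|\\wallet\.dat$",
    re.IGNORECASE,
)
# Registry key enumerated to inventory installed software.
UNINSTALL_KEY = re.compile(r"\\CurrentVersion\\Uninstall(\\|$)", re.IGNORECASE)

FILE_APIS = {"NtCreateFile", "NtOpenFile", "CreateFileW", "CreateFileA"}
REG_APIS = {"RegOpenKeyExW", "RegOpenKeyExA", "RegEnumKeyExW", "NtOpenKey", "NtEnumerateKey"}
WRITE_APIS = {"NtWriteVirtualMemory", "WriteProcessMemory"}


def match_signatures(trace):
    """Return {signature name: sorted evidence strings} for the calls in trace."""
    hits = defaultdict(set)
    suspended = defaultdict(set)   # pid -> child pids it created CREATE_SUSPENDED
    written = defaultdict(set)     # pid -> foreign pids it wrote memory into
    for call in trace:
        if call.api in FILE_APIS:
            path = call.args.get("path", "")
            if BROWSER_DATA.search(path):
                hits["Reads user/profile data of web browsers"].add(path)
            if WALLET_DATA.search(path):
                hits["Accesses cryptocurrency files/wallets"].add(path)
        elif call.api in REG_APIS:
            key = call.args.get("key", "")
            if UNINSTALL_KEY.search(key):
                hits["Checks installed software on the system"].add(key)
        elif call.api == "CreateProcessW" and "CREATE_SUSPENDED" in call.args.get("flags", ""):
            suspended[call.pid].add(call.args["child_pid"])
        elif call.api in WRITE_APIS and call.args.get("target_pid") != call.pid:
            written[call.pid].add(call.args["target_pid"])
        elif call.api == "SetThreadContext":
            target = call.args.get("target_pid")
            # Rewriting a thread's registers is only suspicious when it is a foreign
            # thread whose process memory we already overwrote: the hollowing pattern.
            if target != call.pid and target in written[call.pid]:
                hits["Suspicious use of SetThreadContext"].add(
                    f"pid {call.pid} -> pid {target} (created suspended: {target in suspended[call.pid]})"
                )
    return {name: sorted(evidence) for name, evidence in hits.items()}


# Constructed trace: pid 1234 behaves like the report's signatures, pid 9999 is benign.
TRACE = [
    ApiCall(1234, "NtCreateFile", {"path": r"C:\Users\u\AppData\Local\Google\Chrome\User Data\Default\Login Data"}),
    ApiCall(1234, "NtCreateFile", {"path": r"C:\Users\u\AppData\Roaming\Exodus\exodus.wallet\seed.seco"}),
    ApiCall(1234, "RegOpenKeyExW", {"key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"}),
    ApiCall(1234, "RegEnumKeyExW", {"key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall", "index": 0}),
    ApiCall(1234, "CreateProcessW", {"image": r"C:\Windows\System32\svchost.exe", "flags": "CREATE_SUSPENDED", "child_pid": 5678}),
    ApiCall(1234, "NtWriteVirtualMemory", {"target_pid": 5678, "size": 0x4000}),
    ApiCall(1234, "SetThreadContext", {"target_pid": 5678}),
    ApiCall(1234, "NtResumeThread", {"target_pid": 5678}),
    ApiCall(9999, "NtCreateFile", {"path": r"C:\Windows\Temp\app.log"}),
    ApiCall(9999, "SetThreadContext", {"target_pid": 9999}),   # own thread: not flagged
]

if __name__ == "__main__":
    for name, evidence in match_signatures(TRACE).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

The SetThreadContext rule deliberately requires a prior cross-process memory write from the same pid; a process setting its own thread's context (debuggers, some runtimes) is common and would otherwise generate noise. Real engines add more context (the suspended child was resumed afterwards, the written region was made executable), but the chain shown here is the core of why the report flags the call as suspicious rather than merely present.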

MITRE ATT&CK Enterprise v15

Tasks