General
-
Target
f03817e314c8487ca1087d7e02e73aa598118ee5e8e8f06d73880ee5e59148d0
-
Size
78KB
-
Sample
240603-f3yfgada5t
-
MD5
55d077caea3478d7892cf7b8b4841501
-
SHA1
b7873301e128f7585a0bd8ed5aa653263ef967e7
-
SHA256
f03817e314c8487ca1087d7e02e73aa598118ee5e8e8f06d73880ee5e59148d0
-
SHA512
1dbe8c7bb23d8d0c22f25166cac14c997d04e7a3b8f83c95f835c6b87778604d1cfdf23b101e2ad00489ef5373132d200a9d079a0780cce8d65f76791e30c392
-
SSDEEP
768:RpQNwC3BEddsEqOt/hyJF+x3BEJwRrPHisKl4qh4:7eTce/U/hKYuKPHisKldh4
Malware Config
Targets
-
-
Target
f03817e314c8487ca1087d7e02e73aa598118ee5e8e8f06d73880ee5e59148d0
-
Size
78KB
-
MD5
55d077caea3478d7892cf7b8b4841501
-
SHA1
b7873301e128f7585a0bd8ed5aa653263ef967e7
-
SHA256
f03817e314c8487ca1087d7e02e73aa598118ee5e8e8f06d73880ee5e59148d0
-
SHA512
1dbe8c7bb23d8d0c22f25166cac14c997d04e7a3b8f83c95f835c6b87778604d1cfdf23b101e2ad00489ef5373132d200a9d079a0780cce8d65f76791e30c392
-
SSDEEP
768:RpQNwC3BEddsEqOt/hyJF+x3BEJwRrPHisKl4qh4:7eTce/U/hKYuKPHisKldh4
Score10/10-
Modifies visibility of file extensions in Explorer
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
3