General

  • Target

    8b020e35f7b5162db5230100049eab3b492627fdb9287f8e1220c731ff5abae2

  • Size

    3.0MB

  • Sample

    240604-aagpcseg56

  • MD5

    96917c0787e219264b75c553c652ea6f

  • SHA1

    6536bbb193afbb18329ada0e26b1c53c315105c1

  • SHA256

    8b020e35f7b5162db5230100049eab3b492627fdb9287f8e1220c731ff5abae2

  • SHA512

    538edee38e254dd085278f008bfb3e0a80df76c48d28f9b93a777291bb1266fbddd31c8aa07b0840a460971d24f4c6128c240201595277a87cc184e469ac71db

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bSqz8b6LNX:sxX7QnxrloE5dpUpcbVz8eLF

Targets

    • Target

      8b020e35f7b5162db5230100049eab3b492627fdb9287f8e1220c731ff5abae2

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
