General

  • Target

    9758c64b1cef8ded302a7cb93b4f7f6d5b93d4b47ac224c672aa292e6151496a

  • Size

    78KB

  • Sample

    240604-asnwdsef9y

  • MD5

    6c9b5c86dd54044859967bf236fb5009

  • SHA1

    47d6834e959384cbe4d7b6070c905a1346f50dc1

  • SHA256

    9758c64b1cef8ded302a7cb93b4f7f6d5b93d4b47ac224c672aa292e6151496a

  • SHA512

    20f2180c4f955b753bd67cdee988ead838431342b90dd6c28a73d8acce3d180393764c7044a07d1c1db8d8d49f90b788f67bb7e19beb314875ba259f01dc499d

  • SSDEEP

    768:hpQNwC3BEddsEqOt/hyJF+x3BEJwRrPHisKl4qh6:reTce/U/hKYuKPHisKldh6

Targets

    • Modifies visibility of file extensions in Explorer

    • Disables RegEdit via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15