General

  • Target

    9b1c7f08a6203d7897ae5d459257eec116089679e0bc486d81e93edd4deb1de7

  • Size

    3.0MB

  • Sample

    240604-azqnkafa51

  • MD5

    8d3bfc534b1c71f59199aba85b65bac3

  • SHA1

    ef44e9b409ae23a5377d21d740d53f9d5c83d089

  • SHA256

    9b1c7f08a6203d7897ae5d459257eec116089679e0bc486d81e93edd4deb1de7

  • SHA512

    8e040e9c74a8e2c1e628827b5286a78ad5f827e0946a696f2da9c2e4249afa1d2881daeda0ff263ef50cf7b47c5428b7049dc78653e9630dd5e2abd9765b3f03

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSqz8b6LNX:sxX7QnxrloE5dpUpobVz8eLF

Malware Config

Targets

    • Target

      9b1c7f08a6203d7897ae5d459257eec116089679e0bc486d81e93edd4deb1de7

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks