General

  • Target

    6d520c90115277f9364b015f2456de30.bin

  • Size

    1.4MB

  • Sample

    240604-b8lawahb9t

  • MD5

    6d520c90115277f9364b015f2456de30

  • SHA1

    4b259e262402a9711e11134c18f971e621f11b91

  • SHA256

    a4c6498a6bbc82849df48bd213138589272d314262ec357bb75ebc7cff32e5f5

  • SHA512

    f6503f1708f12911ff6a0b30c14630cc9beee1c111d6467661e4282301024f76ac95428982f7d46f6e1fd50d4a192ec35cf1165385c873b0f482ed3ae01470f7

  • SSDEEP

    24576:YoBaHKDw62UG3q+mKeonRSpV7qt8uYyns4pHQqtZEyadAx6eRGxi1q5Xc:XBaHMe3qZKXnRSpVGBs4pwqtunAx5RG2

Targets

    • Target

      6d520c90115277f9364b015f2456de30.bin

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
