General

  • Target

    a27f261c595fb0040e689a76ccddd1407f7dae0badacedbc8647f1728990b77f

  • Size

    91KB

  • Sample

    240604-bdcegsgd63

  • MD5

    3d0540f21135b4ae6f6835eec3479053

  • SHA1

    4c630e0a53a18706dccfbc6752ec5b6837514533

  • SHA256

    a27f261c595fb0040e689a76ccddd1407f7dae0badacedbc8647f1728990b77f

  • SHA512

    4d1e4795aea29aba27c29f97579d66fba42ca37361e1a877d3eba3961bd01314bbd038490c877095092fb4d03beba7dc8e17198e192a692feec4d568a58d689d

  • SSDEEP

    1536:N5VzcfA/6LrVpL74gfh16ntnY3WBJsVICh2FxixCUh6+ghR2LG+Loz8RXLNZngIL:/V2A/gVh74gpg63W+22XDgD2a+LH5LPP

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application
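
The signatures above can be cross-checked locally before a sample is trusted to a sandbox verdict. The following is an added example, not part of this report or of the sandbox that produced it: it recomputes the MD5/SHA-1/SHA-256/SHA-512 set against the values listed in the General section, reads the PE section table to look for the UPX0/UPX1 section names and the "UPX!" marker that the "UPX packed file" signature keys on, and flags registry writes under a Run or RunOnce key. The PE image and the registry event lines it runs on are constructed for the example (a minimal header with no optional header, not the real 91KB sample), and all function names are the author's own.

```python
"""Added triage helper: verify reported hashes, detect UPX packing, flag Run-key persistence."""
import hashlib
import struct

# Hash values copied from the General section of the report.
REPORTED = {
    "md5": "3d0540f21135b4ae6f6835eec3479053",
    "sha1": "4c630e0a53a18706dccfbc6752ec5b6837514533",
    "sha256": "a27f261c595fb0040e689a76ccddd1407f7dae0badacedbc8647f1728990b77f",
    "sha512": "4d1e4795aea29aba27c29f97579d66fba42ca37361e1a877d3eba3961bd01314"
              "bbd038490c877095092fb4d03beba7dc8e17198e192a692feec4d568a58d689d",
}


def digests(data: bytes) -> dict:
    """Compute the same four digests the report lists (ssdeep needs a third-party module)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes) -> bool:
    """True only if every reported digest matches the bytes on disk."""
    d = digests(data)
    return all(d[k] == v for k, v in REPORTED.items())


def pe_sections(data: bytes) -> list:
    """Return section names from the PE section table, or [] if this is not a PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    nsec = struct.unpack_from("<H", data, coff + 2)[0]     # NumberOfSections
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]  # SizeOfOptionalHeader
    table = coff + 20 + opt_size                           # IMAGE_SECTION_HEADER[0]
    names = []
    for i in range(nsec):
        off = table + i * 40
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> dict:
    """Two independent UPX indicators: UPX* section names and the 'UPX!' header magic."""
    names = pe_sections(data)
    return {
        "sections": names,
        "upx_sections": any(n.upper().startswith("UPX") for n in names),
        "upx_marker": b"UPX!" in data,
    }


def flag_run_key_writes(events: list) -> list:
    """Return registry-write lines that target a Run/RunOnce key (the persistence signature)."""
    keys = ("\\currentversion\\run\\", "\\currentversion\\runonce\\")
    return [e for e in events if any(k in e.lower() for k in keys)]


def build_fake_upx_pe(section_names=(b"UPX0", b"UPX1", b".rsrc")) -> bytes:
    """Constructed minimal PE (no optional header) with UPX-style sections, for offline testing."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)               # e_lfanew -> PE signature
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + sections + b"UPX!" + bytes(16)


# Constructed registry events in the shape a sandbox log might show; not from the report.
SAMPLE_EVENTS = [
    r"RegSetValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater = C:\Users\user\AppData\Roaming\svc.exe",
    r"RegSetValue HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden = 2",
]

if __name__ == "__main__":
    fake = build_fake_upx_pe()
    print("hashes match report:", matches_report(fake))  # False for the constructed image
    print("UPX indicators:", looks_upx_packed(fake))
    print("Run-key writes:", flag_run_key_writes(SAMPLE_EVENTS))
```

Run it against the real sample with `digests(open(path, "rb").read())`; a mismatch with `REPORTED` means the file you hold is not the one the report describes, and only the section-name check is meaningful on a UPX-unpacked dump, since the "UPX!" marker is stripped by unpacking.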

MITRE ATT&CK Enterprise v15
