General

  • Target

    a4326a36c55c50ddc50ff0508d72cca764bf5e912a8fd86cf5afe696c5408f45

  • Size

    3.9MB

  • Sample

    240604-bf4azsfg4w

  • MD5

    2e74dcd3530dafaca29e72868b8fba80

  • SHA1

    ef2391476677fdf7e6249628fa1beef3ba07cd6f

  • SHA256

    a4326a36c55c50ddc50ff0508d72cca764bf5e912a8fd86cf5afe696c5408f45

  • SHA512

    643916d34b2329172fdf4b23f82212efee9cf8a41500e6cf56202378b025c51b2f0bf526609e4e90c68d8b4f743f8cbfaef7afb2910d81721b64c6730eb7dfc4

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bSqz8:sxX7QnxrloE5dpUpKbVz8

Malware Config

Targets

    • Target

      a4326a36c55c50ddc50ff0508d72cca764bf5e912a8fd86cf5afe696c5408f45

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks