General

  • Target

    ba8c44274cd8d856f5861052495b9653cbe4747a3360a412f8717d35ed96e354

  • Size

    2.7MB

  • Sample

    240609-jj3gvsge46

  • MD5

    15851b18628b18eee98af679e2f82a45

  • SHA1

    d9f590c3371ea816a747c826616d1269c3ab1ba6

  • SHA256

    ba8c44274cd8d856f5861052495b9653cbe4747a3360a412f8717d35ed96e354

  • SHA512

    3d43a57e46ace974c1e50b12838fa08c4bb02c381d6a6c11f0ae049133693eebe21a78c2c192a60aa8f63250f54f656a822acb89f0f1a40a0d18d815c2a20160

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LB09w4Sx:+R0pI/IQlUoMPdmpSpC4

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Adds Run key to start application
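
The signatures above are each a rule over the behaviour trace the sandbox recorded. As an added example (not the sandbox's own signature code), the script below replays a constructed list of registry, file, process and image-load events and maps them onto the five signature names in this report. The event schema, the sample paths and the exact registry locations treated as "location settings" are this example's assumptions; the dropped-file rules are stateful, so an EXE or DLL only counts as dropped if the same trace shows it being written first.

```python
"""Map sandbox behaviour events onto report signature names.

Added example, not the sandbox's own code. The event schema
({'op', 'path', 'value', 'data'}) and SAMPLE_EVENTS are constructed.
"""
import re
from collections import defaultdict

# Registry locations holding the configured country/locale. The paths are real
# Windows locations; treating any read of them as a geofence probe is an assumption.
GEO_KEY_RE = re.compile(r"(\\Control Panel\\International$|\\Control\\Nls\\)", re.IGNORECASE)
GEO_VALUES = {"icountry", "scountry", "locale", "localename", "installlanguage", "default"}

# Autostart keys behind "Adds Run key to start application".
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)

# Well-known Chromium and Firefox credential/cookie stores.
BROWSER_FILE_RE = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.IGNORECASE)


def triage(events):
    """Return {signature_name: [evidence, ...]} for an ordered list of events."""
    hits = defaultdict(list)
    dropped = set()  # lower-cased paths of EXE/DLL files the sample wrote
    for ev in events:
        op, path = ev["op"], ev["path"]
        lowered = path.lower()
        value = ev.get("value", "")
        if op == "file_write" and lowered.endswith((".exe", ".dll")):
            dropped.add(lowered)
        elif op == "reg_read" and GEO_KEY_RE.search(path) and value.lower() in GEO_VALUES:
            hits["Checks computer location settings"].append(path + "\\" + value)
        elif op == "reg_write" and RUN_KEY_RE.search(path):
            hits["Adds Run key to start application"].append(
                path + "\\" + value + " = " + ev.get("data", ""))
        elif op == "file_read" and BROWSER_FILE_RE.search(path):
            hits["Reads user/profile data of web browsers"].append(path)
        elif op == "proc_create" and lowered in dropped:
            hits["Executes dropped EXE"].append(path)
        elif op == "image_load" and lowered in dropped:
            hits["Loads dropped DLL"].append(path)
    return dict(hits)


# Constructed trace: what a trace triggering all five signatures could look like.
SAMPLE_EVENTS = [
    {"op": "reg_read", "path": r"HKCU\Control Panel\International", "value": "sCountry"},
    {"op": "file_write", "path": r"C:\Users\user\AppData\Local\Temp\upd.exe"},
    {"op": "file_write", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"op": "proc_create", "path": r"C:\Users\user\AppData\Local\Temp\upd.exe"},
    {"op": "image_load", "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"op": "image_load", "path": r"C:\Windows\System32\kernel32.dll"},  # system DLL, not dropped
    {"op": "file_read",
     "path": r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "file_read",
     "path": r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\abc.default\logins.json"},
    {"op": "reg_write", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Updater", "data": r"C:\Users\user\AppData\Local\Temp\upd.exe"},
    {"op": "proc_create", "path": r"C:\Windows\System32\cmd.exe"},  # not dropped, ignored
]


def signature_names(events):
    """Sorted list of signature names a trace triggers, for a quick summary."""
    return sorted(triage(events))


if __name__ == "__main__":
    for name, evidence in triage(SAMPLE_EVENTS).items():
        print(name)
        for item in evidence:
            print("   ", item)
```

Ordering matters: the `file_write` events must precede the `proc_create` and `image_load` events for the dropped-file rules to fire, which is also why a system DLL such as kernel32.dll never counts as "dropped".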

MITRE ATT&CK Enterprise v15
