General

  • Target

    0d0a3ea75e6f1f735b5fbbc7a95806cac73aa8bac6e623bc7f11cd25ec27ec84

  • Size

    4.1MB

  • Sample

    240611-xategsxbpn

  • MD5

    265028baad0d61ab0b11b7839fcff2dd

  • SHA1

    a568213076faa74dd87537ec6692c003cad47450

  • SHA256

    0d0a3ea75e6f1f735b5fbbc7a95806cac73aa8bac6e623bc7f11cd25ec27ec84

  • SHA512

    65e742383056163ff8fe1d7010dc4dc21e4e1b407d3019881eafe0390fda60c205778da9013ba890720dc849777210821e010a86570ef2e24231a3a3329546ca

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpsbVz8eLFcz

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks