General

  • Target

    113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7

  • Size

    457KB

  • Sample

    240611-xga7gsxcme

  • MD5

    30d6e29710580a748229532bb271f400

  • SHA1

    9ade8b7f094b1e3bf964014b0b1d452e6444400d

  • SHA256

    113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7

  • SHA512

    4190c5a7c9ecf295a07a71d3f3fe789e2b6a5f79ee4973ee29de2ea60dc204ada25632e2c15d0f2ae32bf34ed81031e646bd351e430f748ad14e10d7c766ed79

  • SSDEEP

    6144:9rTfUHeeSKOS9ccFKk3Y9t9YqU9PRWLiFSbE56FORF:9n8yN0Mr8qU9PRWg9

Targets

    • UPX dump on OEP (original entry point)

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15