Resubmissions

16-07-2024 12:47

240716-p1ep1swcmh 8

13-06-2024 01:22

240613-brastayfnd 8

General

  • Target

    uninstalltool_setup.exe

  • Size

    5.7MB

  • Sample

    240613-brastayfnd

  • MD5

    417161bef8a9990d7d99cd660042608d

  • SHA1

    8b319c3ec6cff5a598f7ee3be643a1e13ac85a1b

  • SHA256

    66b696e76af8e72272883e22e7f5e42e168195c2e42fddf6d9e4e59c8a003ee4

  • SHA512

    3603a744fad93c6b0f48a9ab5795193b0c5c5e145fa80d5c5b0214efc62b39e80d3c83fe04b90b48aca2dd504c4b4f6cfa3f896f66cf76dc204e661ba36b0ae6

  • SSDEEP

    98304:mkL6cnCk9EjDxlSQSk0StENJ6+t22o0LPfG8I2zCFqCmRY4z6FSQ8l5ocPCfEWa:Rt92xcQF7tETN22o6XGN2lRqcr5bWa

Malware Config

Targets

    • Target

      uninstalltool_setup.exe

    • Command and Scripting Interpreter: PowerShell

      Run PowerShell and hide display window.

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

MITRE ATT&CK Enterprise v15

Tasks