General

  • Target: tt.zip
  • Size: 11.8MB
  • Sample: 240614-dxmexaxcpq
  • MD5: 36b9e9ad3b9dd94505dca6bcd535783b
  • SHA1: db5dc0da6a3553b2b936ce1e699682a4dd9bc949
  • SHA256: 5ca3370c7d9ead2189a41ac424aa54e1005955b891dd57012da6db0d663dee93
  • SHA512: 179aaf89c09bb6cb554e0f42565b6d7c5a43acde4e6f7bb1cd71c9f1b07f0192ef94d2e7dc4acb5245dacb0e3f5f28beab2d64d35024acb6e00c1bb61ebe25c1
  • SSDEEP: 196608:bWqcID5d6hBXehZx2U7jQWrQ9+LfksbOl+x5kvOxgQtqDEU1GTQ4whw0jli1l6:Cq/X6hBXa57B89+Lf9bXfxRJ44sw0ZiC

Malware Config

Targets

    • Target: tt.zip (11.8MB; hashes identical to those listed under General above)
    Score: 1/10
    • Target: 1
    • Size: 11.3MB
    • MD5: dc5e22db77a5515dc5748a210d71f0a3
    • SHA1: 168554d8a6856c7b6db134bb436f2d45c7d1fdf5
    • SHA256: 0710dc26d255516db41e9437cc261eae12c0c36b86c70c8a0ee29cddba6cda62
    • SHA512: e34944dd6c9cade43a524498fbef7fef9fde4d5edb4ac262948d142a406a2d83a36edbac8522f320d0046a0c7c1b0f51d45a29b3bbed5b164e7ad3eaccfd8011
    • SSDEEP: 196608:bWqcID5d6hBXehZx2U7jQWrQ9+LfksbOl+x5kvOxgQtqDEU1GTQ4whw0Z:Cq/X6hBXa57B89+Lf9bXfxRJ44sw0Z
    Score: 1/10
    • Target: LetsPRO.exe
    • Size: 40KB
    • MD5: e33a9aea6fd3707f22ad67e04a242c25
    • SHA1: 8b6c673ec4a89b718cfb6776dc775d90ca91d2b0
    • SHA256: 56225827f540be7e58e2602d89d0cca65c15304fc6fd5e8a5aa1690ee6e93d27
    • SHA512: 911b635a72d8c99600412ca6e2d61e0e782d18e121349b74f01272533bb2494c5412c5efedb255906c82fe26ca26d7df32cc90809c3e0c58a804da85474cad12
    • SSDEEP: 768:+8ePTpj+ThJQyCUzGhb/SCnahLJBpgEBf0EjlX7w:+80TaQbUzyDSWahLJBp31lX7

    Behaviours observed:
    • Modifies Windows Firewall
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.
    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Target: msvcp100.dll
    • Size: 412KB
    • MD5: ed40615aa67499e2d2da8389ba9b331a
    • SHA1: 09780d2c9d75878f7a9bb94599f3dc9386cf3789
    • SHA256: cd28daeda3c8731030e2077e6eccbb609e2098919b05ff310bef8dce1dce2d8d
    • SHA512: 47d94c5f4829a0f901b57084c22b24adefb4aec2f7b8df9ea838e485dbc607aa837ed6d3c7186159499c44a3ff488fb04f770c624649a406854d82cd3baf72ee
    • SSDEEP: 12288:AOb8zxr1aWPaHX7dGP5HrhUgiW6QR7t5qv3Ooc8UHkC2ebe:AOb8Fpa6aHX7dGP5Ov3Ooc8UHkC2ei
    Score: 3/10
    • Target: msvcr100.dll
    • Size: 756KB
    • MD5: ef3e115c225588a680acf365158b2f4a
    • SHA1: ecda6d3b4642d2451817833b39248778e9c2cbb0
    • SHA256: 25d1cc5be93c7a0b58855ad1f4c9df3cfb9ec87e5dc13db85b147b1951ac6fa8
    • SHA512: d51f51336b7a34eb6c8f429597c3d685eb53853ee5e9d4857c40fc7be6956f1b8363d8d34bebad15ccceae45a6eb69f105f2df6a672f15fb0e6f8d0bb1afb91a
    • SSDEEP: 12288:amCy3y9cSWI5vMBEWL3XU8+n6ODOlMFgvXmteA5RLTDz7sHA9p++/pj:amCy3acqvM6WL3XU8+n6ODxgf4eUH7Tt
    Score: 3/10

MITRE ATT&CK Enterprise v15

Tasks