General

  • Target

    CCleaner.exe

  • Size

    37.4MB

  • Sample

    240616-h69n1svbmc

  • MD5

    ab264cbe086494e6e4f57e1975f032ec

  • SHA1

    655c056e8c5b27e6077cf768ccf4e0a22a11438a

  • SHA256

    d5f775de69f56f2cd1051aa0ec43bbc39d5723e69e441bea621a8bb81af0394e

  • SHA512

    e42505aec83084567a5c91288bfecd31cc2cbef610566e9dcf7f771d8eac163ec283147d1ed1ded3d7280fc2dc43250fd672acf310e7a79f06977186fffa74bc

  • SSDEEP

    393216:e7qbJxEMwFak0aUYc58Wa5BMfDaYvaWBv9Lls+wk6rqNuw+Aufj+PhSp0DuAeCY/:KqVxXoFUO5kaH+qw+AuqPsBJk

Malware Config

Targets

    • Target

      CCleaner.exe

    • Size

      37.4MB

    • MD5

      ab264cbe086494e6e4f57e1975f032ec

    • SHA1

      655c056e8c5b27e6077cf768ccf4e0a22a11438a

    • SHA256

      d5f775de69f56f2cd1051aa0ec43bbc39d5723e69e441bea621a8bb81af0394e

    • SHA512

      e42505aec83084567a5c91288bfecd31cc2cbef610566e9dcf7f771d8eac163ec283147d1ed1ded3d7280fc2dc43250fd672acf310e7a79f06977186fffa74bc

    • SSDEEP

      393216:e7qbJxEMwFak0aUYc58Wa5BMfDaYvaWBv9Lls+wk6rqNuw+Aufj+PhSp0DuAeCY/:KqVxXoFUO5kaH+qw+AuqPsBJk

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks for any installed AV software in registry

    • Drops desktop.ini file(s)

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks