General

  • Target

    0d0bd672050281b8fd3d1f17db97ae30N.exe

  • Size

    1.6MB

  • Sample

    240720-1f8m5sxbne

  • MD5

    0d0bd672050281b8fd3d1f17db97ae30

  • SHA1

    6132176050b9a781491a826dd22bba9b31e7f200

  • SHA256

    6a37d13cec5315cd67d86e14ac6916cf219571814ef2c571d59f355b29969648

  • SHA512

    431a474ce90dd898503fa892ed0e011fe17e7a76d2d0129f5343817a7bdafdca24e0b489cd1e8f430838742db9346fb06222ce83568f6223a3fee2865c9cbe26

  • SSDEEP

    49152:V2j4G49Q+04oREB1BLLpLjxy6Ri4AVQvSDgVUq:xZ9Q9HRu/LLpLhRi4Wmwgz

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
