General

  • Target

    77d9969fd0ff8ddcdc37dd07151e19fd99cd185e835c6989a6e40fc16e6e7e44

  • Size

    2.6MB

  • Sample

    240728-agwf4awerr

  • MD5

    3798b7c536b9217dfed64114c488eb7e

  • SHA1

    831c224a0c4e4783d780fbb14ac290c331c29494

  • SHA256

    77d9969fd0ff8ddcdc37dd07151e19fd99cd185e835c6989a6e40fc16e6e7e44

  • SHA512

    421075f2ea8f085585d80493bc41749c20050512935ee520b0c9428631f4659f032167df42b8b3ca21fd4e07777a3b3dd4d5210381c0d9eda9b8aa7757599080

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB3B/bS:sxX7QnxrloE5dpUpUb

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, the web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application
