General

  • Target

    50a2a6aa57789deee95e72b504dbbeb0N.exe

  • Size

    1.9MB

  • Sample

    240806-dy8drsyapk

  • MD5

    50a2a6aa57789deee95e72b504dbbeb0

  • SHA1

    8663dc347ef6743b2b1b1b1642dde5ab8faec143

  • SHA256

    7446cdc9fc183b63c54cc8dfff4d574e6cc4044e803dafc683440cac7ce8d655

  • SHA512

    3e168a44b68a8ad63f7dcf2c274696b54caca8e8695a04db59335e0b7f826d35562f24bdbe758fcfaf9689e7834e30c863fd53a900fb8f724de183661d70e135

  • SSDEEP

    49152:h5BdJKGVVSmSWnHcCE+o4fZoRzDbHnGMoj0Ow1JfzLmTGrg:/HJKsSZWnHcCEh4qmMJ1JfP4G0

Targets

    • Target

      50a2a6aa57789deee95e72b504dbbeb0N.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
