Resubmissions

14-08-2024 05:00

240814-fm2g7axbnf 8

14-08-2024 04:53

240814-fjf23s1hqm 1

14-08-2024 04:50

240814-fgndda1hnn 5

14-08-2024 04:30

240814-e4t9rs1gkl 9

14-08-2024 04:29

240814-e4k14a1gkj 1

General

  • Target

    https://google.com

  • Sample

    240814-e4t9rs1gkl

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks