General

  • Target

    799b86fe7424baa1747af6c7b53cb81b5905a71cd5b2136bed1c315dcaae0edb

  • Size

    5.7MB

  • Sample

    240825-hvp58sshll

  • MD5

    33d6b75777bb9d94bedd547cec7f925c

  • SHA1

    3cf766bc535ed80e36edcc15fb2985f22e38cfd0

  • SHA256

    799b86fe7424baa1747af6c7b53cb81b5905a71cd5b2136bed1c315dcaae0edb

  • SHA512

    17dac293f2240cad28c28ae382b8bf7c4a89401908e239df8c23dd0cc2ff0f30e009dc4003825e1e0936a9995ca6935da97bce7d2ea74b5fa4c17d968e8b707d

  • SSDEEP

    98304:0IIspgmypnQhk6b4wQ7I3lW35A3upETnYqW//1D2xhdWSGt8aRCmGgnkbVG7ehiR:LgJQhCx2XuCtVG7eYj5ycQxxv

Malware Config

Targets

    • Target

      799b86fe7424baa1747af6c7b53cb81b5905a71cd5b2136bed1c315dcaae0edb

    • Size

      5.7MB

    • MD5

      33d6b75777bb9d94bedd547cec7f925c

    • SHA1

      3cf766bc535ed80e36edcc15fb2985f22e38cfd0

    • SHA256

      799b86fe7424baa1747af6c7b53cb81b5905a71cd5b2136bed1c315dcaae0edb

    • SHA512

      17dac293f2240cad28c28ae382b8bf7c4a89401908e239df8c23dd0cc2ff0f30e009dc4003825e1e0936a9995ca6935da97bce7d2ea74b5fa4c17d968e8b707d

    • SSDEEP

      98304:0IIspgmypnQhk6b4wQ7I3lW35A3upETnYqW//1D2xhdWSGt8aRCmGgnkbVG7ehiR:LgJQhCx2XuCtVG7eYj5ycQxxv

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15