General

  • Target

    5ccbe9108437a9f93cf98a6a0c1584e0N.exe

  • Size

    2.7MB

  • Sample

    240825-k7yn9ayark

  • MD5

    5ccbe9108437a9f93cf98a6a0c1584e0

  • SHA1

    845c38e61e1b0f1529bc3e343cec7ba64ce86a71

  • SHA256

    ed89d5620a497b6a35596835b01211fa2dfe5bc263202db0f1ef8b84a1ebfa17

  • SHA512

    c1a9e4ab547be020541c7b897ab832cab6665d4629b24fdeda4fadc5a5a19c90feeca192ce1c0d94c998d5e81748d901fecd6ae9f2b740ba571a773830904fe4

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBN9w4Sx:+R0pI/IQlUoMPdmpSpt4

Malware Config

Targets

    • Target

      5ccbe9108437a9f93cf98a6a0c1584e0N.exe

    • Size

      2.7MB

    • MD5

      5ccbe9108437a9f93cf98a6a0c1584e0

    • SHA1

      845c38e61e1b0f1529bc3e343cec7ba64ce86a71

    • SHA256

      ed89d5620a497b6a35596835b01211fa2dfe5bc263202db0f1ef8b84a1ebfa17

    • SHA512

      c1a9e4ab547be020541c7b897ab832cab6665d4629b24fdeda4fadc5a5a19c90feeca192ce1c0d94c998d5e81748d901fecd6ae9f2b740ba571a773830904fe4

    • SSDEEP

      49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBN9w4Sx:+R0pI/IQlUoMPdmpSpt4

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks