General

  • Target

    d579b52df3e6391080a0d332c836b310N

  • Size

    2.6MB

  • Sample

    240826-hz3bcs1fnc

  • MD5

    d579b52df3e6391080a0d332c836b310

  • SHA1

    c9a00d9f52b6cb835da0ba5a4f6cb04f8c901448

  • SHA256

    9425c2575dae82259b254c7011f6ca14321d60eb95077b75ad8271aa6eb73fba

  • SHA512

    79b1e226572a776cd05175cf9606616ffbc3d2a2abd32bab83602cfd9266738498dbf1e6d8f0657f8ca0f557dc241c6ce381f57d95469f2662d227fdde3aab13

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBVB/bS:sxX7QnxrloE5dpUpyb

Malware Config

Targets

    • Target

      d579b52df3e6391080a0d332c836b310N

    • Size

      2.6MB

    • MD5

      d579b52df3e6391080a0d332c836b310

    • SHA1

      c9a00d9f52b6cb835da0ba5a4f6cb04f8c901448

    • SHA256

      9425c2575dae82259b254c7011f6ca14321d60eb95077b75ad8271aa6eb73fba

    • SHA512

      79b1e226572a776cd05175cf9606616ffbc3d2a2abd32bab83602cfd9266738498dbf1e6d8f0657f8ca0f557dc241c6ce381f57d95469f2662d227fdde3aab13

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBVB/bS:sxX7QnxrloE5dpUpyb

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks