General

  • Target

    6d13a078ed03f7435f1e79b66e6b6120N

  • Size

    2.6MB

  • Sample

    240909-edx8qszgnr

  • MD5

    6d13a078ed03f7435f1e79b66e6b6120

  • SHA1

    f66e6f1aea762eea1db7107f947dbda57956d9cf

  • SHA256

    5da9a62041ccee01094e9f6aae9ed6fefeded85e14e17ae83c6c436479fe9748

  • SHA512

    e2bf72f5e9810ac77703526e80592eae1f378465bcfa30335c99eb1d8d5844d5efd716ba0f7a41a18fe7e3f8aa37f38395e5329ce4f266b9ea8f6ac93e0d5b9d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bS:sxX7QnxrloE5dpUpOb

Malware Config

Targets

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks