General

  • Target: 043824e73122c345e4081841e81d64ada72700e8f95549eb4b0ae0a07ee0d8cf
  • Size: 164KB
  • Sample: 240921-rl5zrsweka
  • MD5: 05d3c6e1c2726cfa659f044cc6c3f232
  • SHA1: b82f957011ea799358735b7c4422188a03d0a09f
  • SHA256: 043824e73122c345e4081841e81d64ada72700e8f95549eb4b0ae0a07ee0d8cf
  • SHA512: 68cf693d6b60afe565b38a5b117d00e2bd4977a2b11226a737f202d000a75b56657360f21985dd087de4536df0330b65121d5417f3d7c409755ad38b2df3b2a7
  • SSDEEP: 3072:xHe+aX38yas99djmMGWBgh1002J8emEu3T7TO+9Z9sTOVrZzxVxU:c+aX38KYWBW1Wu3rOOuOVr8

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
