General
-
Target
a19a8148d9ee96a02a6e50b2d941301d45cef17b2085dbe02ea5daa03c0e7664
-
Size
964KB
-
Sample
240930-rjlhcazbkn
-
MD5
ff49515b2afc39c9a7f3f432c83c08a3
-
SHA1
f71ebde251cae587a7b5c53ad250763b0c673474
-
SHA256
a19a8148d9ee96a02a6e50b2d941301d45cef17b2085dbe02ea5daa03c0e7664
-
SHA512
c69ad99c1fd5c820527db6a47fa43c3df8fd1f23c5f7bd82a73f5508ab8c9d99e7dff5c1c4b1b8d0b6976f2ad223d7e62ba5f68c66629360b53c668e724b5f80
-
SSDEEP
12288:l3NbvRKcv8Nh7py6Rmi78gkPH3aPI9vyVg/0paQuj3IdD02fKBjtp/:l3NUBpDRmi78gkPXlyo0G/jr
Malware Config
Targets
-
-
Target
a19a8148d9ee96a02a6e50b2d941301d45cef17b2085dbe02ea5daa03c0e7664
-
Size
964KB
-
MD5
ff49515b2afc39c9a7f3f432c83c08a3
-
SHA1
f71ebde251cae587a7b5c53ad250763b0c673474
-
SHA256
a19a8148d9ee96a02a6e50b2d941301d45cef17b2085dbe02ea5daa03c0e7664
-
SHA512
c69ad99c1fd5c820527db6a47fa43c3df8fd1f23c5f7bd82a73f5508ab8c9d99e7dff5c1c4b1b8d0b6976f2ad223d7e62ba5f68c66629360b53c668e724b5f80
-
SSDEEP
12288:l3NbvRKcv8Nh7py6Rmi78gkPH3aPI9vyVg/0paQuj3IdD02fKBjtp/:l3NUBpDRmi78gkPXlyo0G/jr
Score8/10-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1