General
-
Target
OperaGXSetup.exe
-
Size
3.1MB
-
Sample
241010-epzwpssfmm
-
MD5
908d2c2e334c636593ecfd863d218bf8
-
SHA1
904acaa18aae29523d9b123f60b3452578edf171
-
SHA256
38afbdbe4eeaa36693a85992be603405427aa75842ed26229cbb06a3d7b15ed8
-
SHA512
87c6cba6334585e9d068d1cfb9cc3930dcd40ab2b521ad651e16a4c0e6e48a8db1c7a99be5e555f7e82669abbc33abb0aa76813f395acedb6723b7e8a0ae7e5e
-
SSDEEP
49152:2NEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aSb:cEP1y3+0hgh6u/ZcTCP8BzONaSb
Malware Config
Targets
-
-
Target
OperaGXSetup.exe
-
Size
3.1MB
-
MD5
908d2c2e334c636593ecfd863d218bf8
-
SHA1
904acaa18aae29523d9b123f60b3452578edf171
-
SHA256
38afbdbe4eeaa36693a85992be603405427aa75842ed26229cbb06a3d7b15ed8
-
SHA512
87c6cba6334585e9d068d1cfb9cc3930dcd40ab2b521ad651e16a4c0e6e48a8db1c7a99be5e555f7e82669abbc33abb0aa76813f395acedb6723b7e8a0ae7e5e
-
SSDEEP
49152:2NEyYYC1hqiJckG38dBFOhg5/6qF3rjb/h4CNcTCP8xphzSNtOSe+aSb:cEP1y3+0hgh6u/ZcTCP8BzONaSb
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1