Resubmissions
10/10/2024, 10:38
241010-mpvwrazbmk 8General
-
Target
OperaGXSetup (9).exe
-
Size
3.2MB
-
Sample
241010-mpvwrazbmk
-
MD5
abb23d1ad0e234c351b73ee50462413a
-
SHA1
05625ecc74152fc97cc17bc59b3ebc5ad6d460b2
-
SHA256
afa3f3b7cde0528f5ec699b33911e7060b6fd3f753d0bc9693b6448f2d28fe7f
-
SHA512
fbb62345bfd14e5a157f5f1498fc46c9b6bc6d2fb45405603cb54a6a5502ac536d3e80c1817138c58cbe54485377993640e7e5310464e0d4d16ef39eabaa85da
-
SSDEEP
98304:aAnUm/Yhwfrws0uhdYRu/MSAxN4LjEx2O9Nii:QPwfrws0uQm24XxO9Ai
Malware Config
Targets
-
-
Target
OperaGXSetup (9).exe
-
Size
3.2MB
-
MD5
abb23d1ad0e234c351b73ee50462413a
-
SHA1
05625ecc74152fc97cc17bc59b3ebc5ad6d460b2
-
SHA256
afa3f3b7cde0528f5ec699b33911e7060b6fd3f753d0bc9693b6448f2d28fe7f
-
SHA512
fbb62345bfd14e5a157f5f1498fc46c9b6bc6d2fb45405603cb54a6a5502ac536d3e80c1817138c58cbe54485377993640e7e5310464e0d4d16ef39eabaa85da
-
SSDEEP
98304:aAnUm/Yhwfrws0uhdYRu/MSAxN4LjEx2O9Nii:QPwfrws0uQm24XxO9Ai
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1