General

  • Target

    d3a53533949862449edb69c1916bf56681e3f2ec3a1c803043b1f3b876698603

  • Size

    5.5MB

  • Sample

    241014-jepefasbkc

  • MD5

    f2930c61288bc55dfdf9c8b42e321006

  • SHA1

    5ce19a53d5b4deb406943e05ec93bc3979824866

  • SHA256

    d3a53533949862449edb69c1916bf56681e3f2ec3a1c803043b1f3b876698603

  • SHA512

    67a1ea68fafae8c7c9da322b7c5821e5cc78fcce3c9454a552a13ebc812bec334f60533991147b0b95151ade77ff2fbf244945f8318b48082173b64c71e6308f

  • SSDEEP

    98304:lDFAOtlPsTyojuPwkcbTj+xNTW7HlGrGMMCg/0xdb5+pUF:lD3jZojuPwVmW7srWCl1+m

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, which infostealers often target.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses Microsoft Outlook profiles

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks