Resubmissions

16-10-2024 13:31

241016-qsrv2ssakb 7

15-10-2024 19:12

241015-xwnfcssaje 10

General

  • Target

    task1hm.exe

  • Size

    15.8MB

  • Sample

    241015-xwnfcssaje

  • MD5

    3d1c2dd6ee920b04ef92c168d1752b4e

  • SHA1

    8585060a1d62de5cb09222226bcab553e9f07d9e

  • SHA256

    47ccb9de7b1ed678f3fac6c6c9af48587651141de18442c2746d29b6a7075c0c

  • SHA512

    75cd84acd62fa79f822bc9e9384e9d17285dab75503f7ad19ab5b7494e4b3f01ac4992c2a6af3e1690257ddb0bfd73d56b62a1097d62baae3ddbe3530c290ce3

  • SSDEEP

    393216:BCi6hZ2YsHFUK2JjXMCHWUjtjx5WsqWxTC0oQwe7les+j:BCi+Z2YwUlJjXMb8AsqACy3Bes

Targets

    • Target

      task1hm.exe

    • Exela Stealer

      Exela Stealer is an open source stealer originally written in .NET and later transitioned to Python that was first observed in August 2023.

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Modifies Windows Firewall

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Network Service Discovery

      Attempts to gather information on the host's network.

    • Enumerates processes with tasklist

    • Hide Artifacts: Hidden Files and Directories
