General

  • Target

    c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883eN

  • Size

    171KB

  • Sample

    241015-y2j6kavcra

  • MD5

    fc0b4225305ce793d84e979b183bc3b0

  • SHA1

    23ec9d96139de7a484cc7b71e9e1e213e28365d6

  • SHA256

    c00c1b9d8ee35ee24778898f6f65670d2bef7b3f0331b64fad6b4d5081bf883e

  • SHA512

    cce333193badc92561446f6f62202cf5f12d55e23c0690cf380b73570ec72e21d04ba1360521b16bc73cfa2503ea0b035f75ea08af881dc979017e351dbd4104

  • SSDEEP

    3072:R2Iz9CI8mUOtDDPwLkBLXLDFkKmvzXBpLHYmmO1QezRd7UcPa1xMjM7Q:Rjz9X8mXGUXVPmr9mOzRd7UcPKoM0

Targets

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15