General

  • Target

    a4ba1595bb74b6e6e37d19cc4e74a9b77e66d32222c428a0ac7cf4f9795d6d79N

  • Size

    134KB

  • Sample

    241016-hp11jssekl

  • MD5

    8730df7a6cc1de6ca03b3a53d39e2d30

  • SHA1

    b09695b0ae545fe8ab02cbb09e8f50f707b38baa

  • SHA256

    a4ba1595bb74b6e6e37d19cc4e74a9b77e66d32222c428a0ac7cf4f9795d6d79

  • SHA512

    19c0a54887b6d6118ffcbf5c56eb53351225ba52c82c90fdf9f63f76f4e9aaa48f8269d4fd1b2320947442190fcfdc233e4dd3f629f6a62f3dcdda8e8bb330c2

  • SSDEEP

    1536:T27e/C4pNBoyI1cYwk0nHAQNQ5xlaZFfZvkSQizsssneATHII+uj4OjxYQb9EB:/RxoyI4k4FYxiQ7pnRTh+uj4OFNb9c

Malware Config

Targets

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Adds Run key to start application

      Values under HKCU or HKLM \Software\Microsoft\Windows\CurrentVersion\Run are launched at every logon, a common user-mode persistence mechanism; check both hives for the sample's path.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. Raw writes to sector 0 of \\.\PhysicalDrive0 by a user-mode process are rare in legitimate software; on an affected host, compare the first 512 bytes of the disk against a known-good copy rather than trusting the boot signature alone.
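The following is an added example, written for this report and not code from the sandbox or the sample, of the check a responder would run after the "Writes to the Master Boot Record (MBR)" verdict: parse the 512-byte sector, hash the bootstrap code, and compare it with a known-good baseline. The sectors, the baseline boot code, the disk signature and the partition layout are all constructed for the demo; `read_mbr` shows where a real sector would come from.

```python
# Added example (not part of the sandbox report or the sample): parse a 512-byte
# MBR sector and compare it against a known-good baseline.
# The sectors below are constructed for the demo; on a live Windows host the
# bytes would come from a raw read of \\.\PhysicalDrive0 (administrator rights
# required), on Linux from /dev/sda or similar.
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 440      # bytes 0..439: bootstrap code that the BIOS executes
DISK_SIG_OFF = 440       # 4-byte disk signature, then 2 reserved bytes
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG_OFF = 510       # 0x55 0xAA sector signature
# Partition entry: status, CHS start (3), type, CHS end (3), LBA start, sector count
PART_ENTRY_FMT = "<B3xB3xII"


def read_mbr(device_path: str) -> bytes:
    # Read the first sector of a raw device, e.g. \\.\PhysicalDrive0 or /dev/sda.
    with open(device_path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte sector into boot code hash, disk signature and partitions."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        status, ptype, lba_start, sectors = struct.unpack_from(
            PART_ENTRY_FMT, sector, PART_TABLE_OFF + 16 * i)
        if ptype == 0 and lba_start == 0 and sectors == 0:
            continue  # empty slot
        partitions.append({"index": i, "bootable": status == 0x80, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, DISK_SIG_OFF)[0],
        "valid_boot_signature": sector[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] == b"\x55\xaa",
        "partitions": partitions,
    }


def check_mbr(sector: bytes, baseline_boot_code_sha256: str) -> list:
    """Return a list of findings; an empty list means the sector matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info["valid_boot_signature"]:
        findings.append("boot signature 0x55AA missing")
    if info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code differs from baseline")
    if sum(p["bootable"] for p in info["partitions"]) > 1:
        findings.append("more than one partition flagged bootable")
    for p in info["partitions"]:
        if p["lba_start"] == 0:
            findings.append(f"partition {p['index']} starts at LBA 0 (overlaps the MBR)")
    return findings


def build_sector(boot_code: bytes, partitions, boot_sig: bytes = b"\x55\xaa") -> bytes:
    """Assemble a constructed MBR for the demo (not a real disk image)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, 0xDEADBEEF)   # constructed disk signature
    for i, (status, ptype, lba_start, sectors) in enumerate(partitions):
        struct.pack_into(PART_ENTRY_FMT, sector, PART_TABLE_OFF + 16 * i,
                         status, ptype, lba_start, sectors)
    sector[BOOT_SIG_OFF:BOOT_SIG_OFF + 2] = boot_sig
    return bytes(sector)


# Constructed "known-good" boot code: the first seven bytes are the usual
# xor ax,ax / mov ss,ax / mov sp,0x7C00 prologue; the rest is zero padding.
CLEAN_BOOT_CODE = b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x00" * (BOOT_CODE_LEN - 7)
BASELINE_BOOT_CODE_SHA256 = hashlib.sha256(CLEAN_BOOT_CODE).hexdigest()
PARTITIONS = [(0x80, 0x07, 2048, 1_000_000)]   # one bootable NTFS partition at LBA 2048

CLEAN_SECTOR = build_sector(CLEAN_BOOT_CODE, PARTITIONS)
# A bootkit-style overwrite: the bootstrap is redirected with a short jump while the
# partition table and sector signature are left intact, so the disk still boots and
# a signature-only check passes.
TAMPERED_SECTOR = build_sector(b"\xeb\x3e" + CLEAN_BOOT_CODE[2:], PARTITIONS)

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_SECTOR), ("tampered", TAMPERED_SECTOR)):
        print(name, parse_mbr(sector)["partitions"],
              check_mbr(sector, BASELINE_BOOT_CODE_SHA256))
```

The baseline hash should be taken from a trusted image of the same disk before the incident (or from a clean rebuild of the same OS version), since bootstrap code legitimately differs between operating systems and disk tools; the tampered case above keeps the 0x55AA signature and the partition table intact, which is why the comparison is made on the boot-code hash rather than on the signature.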

MITRE ATT&CK Enterprise v15

Tasks