General
-
Target
opdirdel.exe
-
Size
104KB
-
Sample
241017-ssd1assflf
-
MD5
b47f24a14ba278dd069868619558f237
-
SHA1
e1c076724aeebfb54c1bbefda867ae672f8075ad
-
SHA256
1222dd20dbc702d9a07b79a19f038d30302753e8f6399281920e6d635b3b7ac2
-
SHA512
1bf07f1e6a21f069e464bfbd1c9d3a81e412107e880f1cade58ea4b7183d56f9bb23b7394a79e35eb7bce81588c7c43f5c3a1110dda6aec390f15f55059e354d
-
SSDEEP
1536:YuoJTFfXqHLTcX0iY7kCFiAAkfwnzplNy6IeaKiX5z:No9Vib7tFiAoVb6Kip
Malware Config
Targets
-
-
Target
opdirdel.exe
-
Size
104KB
-
MD5
b47f24a14ba278dd069868619558f237
-
SHA1
e1c076724aeebfb54c1bbefda867ae672f8075ad
-
SHA256
1222dd20dbc702d9a07b79a19f038d30302753e8f6399281920e6d635b3b7ac2
-
SHA512
1bf07f1e6a21f069e464bfbd1c9d3a81e412107e880f1cade58ea4b7183d56f9bb23b7394a79e35eb7bce81588c7c43f5c3a1110dda6aec390f15f55059e354d
-
SSDEEP
1536:YuoJTFfXqHLTcX0iY7kCFiAAkfwnzplNy6IeaKiX5z:No9Vib7tFiAoVb6Kip
Score8/10-
Drops file in Drivers directory
-
Manipulates Digital Signatures
Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.
-
Credentials from Password Stores: Windows Credential Manager
Suspicious access to Credentials History.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Drops desktop.ini file(s)
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
2Credentials from Web Browsers
1Windows Credential Manager
1Unsecured Credentials
1Credentials In Files
1