Resubmissions

22-10-2024 00:01

241022-abbvhawflk 10

21-10-2024 23:58

241021-31jwmawelj 8

21-10-2024 23:55

241021-3yrhpatgka 6

General

  • Target

    WaveInstaller.exe

  • Size

    2.3MB

  • Sample

    241021-31jwmawelj

  • MD5

    215d509bc217f7878270c161763b471e

  • SHA1

    bfe0a2580d54cfa28d3ff5ef8dc754fdc73adcd9

  • SHA256

    984dfc64c10f96c5350d6d9216a5d7abfece1658dfc93925f7a6b0c80817c886

  • SHA512

    68e615dfcb1b7770ad64175438a913744c14bdd3af93b339c2b526271bdd0d23334e78d049fdae8ca9fe66672a8cf252ebf891be9ab6c46a3d8f1fb00fa8c83b

  • SSDEEP

    49152:LinbT3qpTDQSmanAmwJAaDMg33U2pLOiniT:LinKpTJmWAmmAMP8in

Malware Config

Targets

    • Target

      WaveInstaller.exe

    • Size

      2.3MB

    • MD5

      215d509bc217f7878270c161763b471e

    • SHA1

      bfe0a2580d54cfa28d3ff5ef8dc754fdc73adcd9

    • SHA256

      984dfc64c10f96c5350d6d9216a5d7abfece1658dfc93925f7a6b0c80817c886

    • SHA512

      68e615dfcb1b7770ad64175438a913744c14bdd3af93b339c2b526271bdd0d23334e78d049fdae8ca9fe66672a8cf252ebf891be9ab6c46a3d8f1fb00fa8c83b

    • SSDEEP

      49152:LinbT3qpTDQSmanAmwJAaDMg33U2pLOiniT:LinKpTJmWAmmAMP8in

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks