General

  • Target

    35b9c1d89c8cda7bf074d92ff851ca9f43659037526723c1b8225b7887152308N

  • Size

    2.6MB

  • Sample

    241021-jk6wnsvgpg

  • MD5

    80ea5120ceac64c9b27fc1d0a585ced0

  • SHA1

    06afdc5e98d685f9b00aa3542762bcbe3bd3ea13

  • SHA256

    35b9c1d89c8cda7bf074d92ff851ca9f43659037526723c1b8225b7887152308

  • SHA512

    1765b4af8bef01f9e58fbe35b31cf191eeea9f36aa8c783ff7e368294275254fd0ae73ed59b6284e52232f88b805e07789abce7d8d9d914d0cdf4a5d8ba159ea

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBQB/bS:sxX7QnxrloE5dpUp3b

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials, session cookies, autofill entries and browsing history.

    • Adds Run key to start application
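
The four file- and registry-based signatures above (startup-folder drop, Run key, execution of a dropped EXE, load of a dropped DLL) can be reproduced outside the sandbox from Sysmon telemetry. The script below is an added example, not output of the sandbox or code from the report: it runs a single chronological pass over constructed Sysmon-style events (EventID 1 ProcessCreate, 7 ImageLoad, 11 FileCreate, 13 RegistryValueSet; the paths, SID and file names are made up) and emits findings named after the report's signatures. The browser-data signature is not covered, since Sysmon does not record file reads.

```python
import re

# Constructed Sysmon-style events (not from the sandbox run), in the order they
# would have been logged. EventID 1 = ProcessCreate, 7 = ImageLoad,
# 11 = FileCreate, 13 = RegistryValueSet.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetFilename": r"C:\Users\bob\AppData\Local\Temp\svc.exe"},
    {"EventID": 11, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetFilename": r"C:\Users\bob\AppData\Local\Temp\helper.dll"},
    {"EventID": 11, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetFilename": r"C:\Users\bob\AppData\Roaming\Microsoft\Windows"
                       r"\Start Menu\Programs\Startup\svc.lnk"},
    {"EventID": 13, "Image": r"C:\Users\bob\Downloads\invoice.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
                     r"\Windows\CurrentVersion\Run\svc",
     "Details": r"C:\Users\bob\AppData\Local\Temp\svc.exe"},
    {"EventID": 1, "Image": r"C:\Users\bob\AppData\Local\Temp\svc.exe",
     "ParentImage": r"C:\Users\bob\Downloads\invoice.exe"},
    {"EventID": 7, "Image": r"C:\Users\bob\AppData\Local\Temp\svc.exe",
     "ImageLoaded": r"C:\Users\bob\AppData\Local\Temp\helper.dll"},
    {"EventID": 7, "Image": r"C:\Users\bob\AppData\Local\Temp\svc.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\bob\Documents\notes.txt"},
]

# Run / RunOnce value under any hive (HKU\<SID>\..., HKLM\...).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$",
    re.IGNORECASE)
# Per-user or all-users Startup folder.
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\[^\\]+$",
                            re.IGNORECASE)


def detect(events):
    """Return findings keyed by the report's signature names.

    Events must be in chronological order: a path only counts as "dropped"
    once a FileCreate for it has been seen, so an execution or image load that
    precedes the drop is not flagged.
    """
    dropped = {}   # lower-cased path -> image of the process that wrote it
    findings = []
    for ev in events:
        eid = ev.get("EventID")
        if eid == 11:
            target = ev["TargetFilename"]
            dropped[target.lower()] = ev["Image"]
            if STARTUP_DIR_RE.search(target):
                findings.append({"signature": "Drops startup file",
                                 "process": ev["Image"], "evidence": target})
        elif eid == 13:
            key = ev["TargetObject"]
            if RUN_KEY_RE.search(key):
                findings.append({"signature": "Adds Run key to start application",
                                 "process": ev["Image"],
                                 "evidence": f"{key} = {ev.get('Details', '')}"})
        elif eid == 1:
            image = ev["Image"]
            if image.lower() in dropped:
                findings.append({"signature": "Executes dropped EXE",
                                 "process": ev.get("ParentImage", ""),
                                 "evidence": image})
        elif eid == 7:
            loaded = ev["ImageLoaded"]
            if loaded.lower() in dropped:
                findings.append({"signature": "Loads dropped DLL",
                                 "process": ev["Image"], "evidence": loaded})
    return findings


def signatures(events):
    """Distinct signature names triggered by the event stream, sorted."""
    return sorted({f["signature"] for f in detect(events)})


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"{f['signature']:<36} {f['process']} -> {f['evidence']}")
```

The "dropped" map is what ties the four signatures together: the EXE and DLL findings only fire for paths the monitored process itself created earlier in the stream, which is what distinguishes a dropper from a process that merely runs from a temp directory. Benign writes such as the notes.txt event and loads of system DLLs produce no findings.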
