General

  • Target

    f48dfbdd7a895d6d96eba449d98930d3164a4a2c63d7c8a1b145a9238dddac5aN

  • Size

    586KB

  • Sample

    241021-k28bhaxfrf

  • MD5

    28baa93b0cee351b9c5d3e8d60d08460

  • SHA1

    acb43421a556947606a3e5aa743a8932fe8e98af

  • SHA256

    f48dfbdd7a895d6d96eba449d98930d3164a4a2c63d7c8a1b145a9238dddac5a

  • SHA512

    dbfc575f5f6d3d9d05924fe6bf4b0e40894dbb2e36f6521600af979e77a1421a78fa1b260a6f83531a1f465505f7d6d8719e57a32b95e5989750ae343ada8257

  • SSDEEP

    12288:gpqvTC+yOE+jSUjgIVJUwGOQHB/dfa1UmLDeW+KjPTtmkOyH:gEvqR0gUyyUmfeW+yPTtfOy

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks