Resubmissions

13-11-2024 18:08

241113-wrcmmaxblr 7

21-10-2024 10:52

241021-myeacssgnl 7

General

  • Target

    Mi.zip

  • Size

    2.5MB

  • Sample

    241021-myeacssgnl

  • MD5

    dda7c2a1293841a6f87a4f5f7d2624bf

  • SHA1

    681478d68f63fc207f246d5fea07bb9b449e68ec

  • SHA256

    04ffecb36e580f4d94d228e3f3f13ded0aada7609b55918b03e90f7c01da416a

  • SHA512

    800dbf776a44a66bf82c8f6cbbdd0353d6d37f0135fe8cb8f77cf9ce494c1fb293607dbbd544bf370436d3fa85b4e9bdd3ba4427f5d5f70e581ac0e16e29ea81

  • SSDEEP

    24576:OzzMG+jzShX46mmRdHkPyjgZ7RiL573AMOzeZkLtKJ63ZY/5CuN3dw+N11z3gwA4:1G+vgm5bFsN73ArJhKA3Z+1rKVs0Z4P

Malware Config

Targets

    • Target

      Midnight.exe

    • Size

      833.0MB

    • MD5

      614f05fb96505693d31c2bd0c4ea779f

    • SHA1

      77f1b72c7b9c1a27470b85014af57392f753f26c

    • SHA256

      c9183bed0aee65c6873ac74341b4c95528c66571a58f0eba640eb70b11d22771

    • SHA512

      762fe519144638398bd1f21a494aa710ea99eabccafb07006f097f50d43e72da64908a326c6c61cb1b682a7fd6c408ef69ebeea04982cbae0e28b1849582d981

    • SSDEEP

      49152:eipgXY63dUtOxHpSn7JE/txwArTKJJGhu:eipkY9UxHpSn9ElSArGYu

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks