General

  • Target

    1146d94086328f1c40617bff0d1bc9a671960fa2c4314a76c2803f77ff240e4cN

  • Size

    2.6MB

  • Sample

    241021-qlsh1aveqg

  • MD5

    e14ba8d8e5f2d5d35e4e513799e4d660

  • SHA1

    4f476b5ec8ebf3d6787c5f9db2d5ffcde5e7b4bd

  • SHA256

    1146d94086328f1c40617bff0d1bc9a671960fa2c4314a76c2803f77ff240e4c

  • SHA512

    2945d1660ef47abd5acdffb37e08d4dfae2b907712987a63f69f620769a5e1001620b515d37414fcab437966b2e15e9ed6b87921ca62fce3b098cbaac6cff12f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bS:sxX7QnxrloE5dpUpxb

Targets

    • Target

      1146d94086328f1c40617bff0d1bc9a671960fa2c4314a76c2803f77ff240e4cN

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application
