General

  • Target

    aimxk.exe

  • Size

    66.2MB

  • Sample

    241021-skshqazdpn

  • MD5

    37d6addbe58461d4f87cc88e20e5e6e0

  • SHA1

    a62a680fc8f2cf46f39564646214e5447762763a

  • SHA256

    e586ec82bacad95a1c3974f13205a144aae070930947356557bf13656ea52da7

  • SHA512

    37117d5bf8750996eacc159da7b2c37ef05e40b431d640bb7154ca2275d0f4b1aa1f0641e156e21ab03a25d7d94a7b0d22705217cef0d05be2c740ca9d22f6a7

  • SSDEEP

    1572864:tQZ2mlRLX5WJoWbgWRSgkNOXWxtQSNLiIB3yxpIr2WW:tQLdX5M3gbcKCmB3br7

Malware Config

Targets

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks