General

  • Target

    661903ba4171e7efced0adcf9f290286f27976cc5385d023c9f9ebf497d34ecd

  • Size

    345KB

  • Sample

    241021-tk5zgsydnd

  • MD5

    90ee10eb4c4f5da9b4fc524ec7ac1be1

  • SHA1

    8b2c03884847ac0a95977e6453684afc6f85f4ba

  • SHA256

    661903ba4171e7efced0adcf9f290286f27976cc5385d023c9f9ebf497d34ecd

  • SHA512

    5436f73bfc6c865005d49ba286d008c0da19887aa18fccd5bade5f0df082418795e8fc1d4faff0a825ee2b7e092ab8b41917e58da979ac1e3d3f0b4317d12a06

  • SSDEEP

    6144:zHj9N/Gc6Hj9N/Gc6Hj9N/Gc6Hj9N/Gc6Hj9N/Gc6Hj9N/Gc6Hj9N/Gccq:Djzr+jzr+jzr+jzr+jzr+jzr+jzrH

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
