General

  • Target

    3b0913d0760b0914d59a2ef6f6d448a8cc4d0d00df54c3da101a86d791ab4292N

  • Size

    2.6MB

  • Sample

    241026-c7bwgszcnn

  • MD5

    1ec56fe4b088acb70e600f13b186c670

  • SHA1

    417f797440cccd8972ee296dce99c4494e10d98c

  • SHA256

    3b0913d0760b0914d59a2ef6f6d448a8cc4d0d00df54c3da101a86d791ab4292

  • SHA512

    052f147050bb760e5c61ccb9feaac39db5872cf5a49377231aefcd9a0be607635aa8fc6062ed63c0da7a6f8f0828ffdd72d9b1df7ebcf7a18802c9b1d21fbce0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB2B/bS:sxX7QnxrloE5dpUpxb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
