General

  • Target

    d525e42ce85e1e68f58ec1baf1a939eaf5e6f03cee6b565cd17400e24048e9c9N

  • Size

    2.6MB

  • Sample

    241026-dj9y2swmfn

  • MD5

    b852030826e4344636152373f3c99d40

  • SHA1

    fa2e2d79ee28e07e12b5fd3dc298253d6565b645

  • SHA256

    d525e42ce85e1e68f58ec1baf1a939eaf5e6f03cee6b565cd17400e24048e9c9

  • SHA512

    1adee118b3e40c70f6db34a629c51091c311da029020f5905ab23c4a67a2a5312ef21d6db3befb091dbf555a36d7f1cad6815abc54c775718565c088b94702b7

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBgB/bS:sxX7QnxrloE5dpUpXb
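The hashes above are the identifiers an analyst uses to confirm that a file pulled from a host or a mail gateway is this sample. The following is an added example, not part of the report: it computes all four digests in one pass and compares them against the report's values, treating MD5 and SHA-1 as corroboration only, since both have practical collision attacks. The byte string hashed in the demonstration is constructed and is not the sample.

```python
import hashlib
import sys

# Hash IOCs for this sample, copied from the report above (lower-case hex).
IOC_HASHES = {
    "md5": "b852030826e4344636152373f3c99d40",
    "sha1": "fa2e2d79ee28e07e12b5fd3dc298253d6565b645",
    "sha256": "d525e42ce85e1e68f58ec1baf1a939eaf5e6f03cee6b565cd17400e24048e9c9",
    "sha512": "1adee118b3e40c70f6db34a629c51091c311da029020f5905ab23c4a67a2a5312ef21d6db3befb091dbf555a36d7f1cad6815abc54c775718565c088b94702b7",
}
# Only collision-resistant algorithms may identify a sample on their own:
# chosen-prefix collisions exist for MD5 and SHA-1, so a lone match there
# is a lead to investigate, not proof of identity.
STRONG = ("sha256", "sha512")


def hash_stream(chunks):
    """Compute every algorithm in IOC_HASHES in a single pass over the data."""
    digests = {name: hashlib.new(name) for name in IOC_HASHES}
    for chunk in chunks:
        for h in digests.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in digests.items()}


def hash_bytes(data: bytes) -> dict:
    return hash_stream([data])


def hash_file(path, chunk_size=1 << 20) -> dict:
    """Stream the file so a multi-megabyte sample is not read into memory at once."""
    with open(path, "rb") as f:
        return hash_stream(iter(lambda: f.read(chunk_size), b""))


def compare(observed: dict, iocs=IOC_HASHES) -> dict:
    """Per-algorithm result: True/False for a case-insensitive comparison,
    None when the observed set has no value for that algorithm."""
    result = {}
    for name, expected in iocs.items():
        got = observed.get(name)
        result[name] = None if got is None else got.lower() == expected.lower()
    return result


def verdict(observed: dict, iocs=IOC_HASHES) -> str:
    """'match' when a strong hash agrees, 'weak-only' when only MD5/SHA-1 agree
    (possible collision or a mistyped IOC, so investigate), else 'no-match'."""
    c = compare(observed, iocs)
    if any(c[name] for name in STRONG if name in c):
        return "match"
    if any(c[name] for name in iocs if name not in STRONG):
        return "weak-only"
    return "no-match"


if __name__ == "__main__":
    # Hash a file given on the command line, otherwise a constructed blob
    # (hypothetical input, not the sample) just to show the output shape.
    observed = hash_file(sys.argv[1]) if len(sys.argv) > 1 else hash_bytes(b"MZ constructed test blob")
    for name, value in observed.items():
        print(f"{name:7} {value}")
    print("verdict:", verdict(observed))
```

Run it as `python ioc_hash.py suspect.bin`; a "weak-only" result should be treated as a reason to re-check the source of the MD5/SHA-1 value rather than as a confirmed identification.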

Targets

    • Target

      d525e42ce85e1e68f58ec1baf1a939eaf5e6f03cee6b565cd17400e24048e9c9N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest the browser's profile directory, which holds saved credentials, cookies, session tokens and autofill data.

    • Adds Run key to start application
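The five signatures above are the kind a sandbox derives by replaying the process, file, registry and image-load trace of a run. The following is an added example, not the sandbox's own rule set: it evaluates equivalent checks over a constructed trace whose event shape is loosely modelled on Sysmon-style telemetry (an assumption; adapt the field names to whatever EDR or sandbox export you have). The file paths, PIDs and registry key in the trace are made up for the example.

```python
"""Replay a process trace and evaluate the five behaviour signatures above."""

# Lower-cased path fragments that identify the locations each signature cares about.
STARTUP_DIR = "\\start menu\\programs\\startup\\"
RUN_KEY = "\\currentversion\\run"          # also matches RunOnce, RunServices ...
BROWSER_DATA_FILES = ("\\login data", "\\web data", "\\cookies",             # Chromium
                      "\\logins.json", "\\key4.db", "\\cookies.sqlite")     # Firefox

# Constructed trace (not from the sample): one dropper writes three files, starts
# the dropped EXE, which loads the dropped DLL, persists via Run and reads Chrome data.
SAMPLE_EVENTS = [
    {"event": "file_create", "pid": 1000, "path": r"C:\Users\victim\AppData\Roaming\svc\svchelper.exe"},
    {"event": "file_create", "pid": 1000, "path": r"C:\Users\victim\AppData\Roaming\svc\support.dll"},
    {"event": "file_create", "pid": 1000,
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"},
    {"event": "process_create", "pid": 1100, "parent_pid": 1000,
     "image": r"C:\Users\victim\AppData\Roaming\svc\svchelper.exe"},
    {"event": "image_load", "pid": 1100, "image": r"C:\Users\victim\AppData\Roaming\svc\support.dll"},
    {"event": "registry_set", "pid": 1100, "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value_name": "svchelper", "data": r"C:\Users\victim\AppData\Roaming\svc\svchelper.exe"},
    {"event": "file_read", "pid": 1100,
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"event": "image_load", "pid": 1100, "image": r"C:\Windows\System32\kernel32.dll"},
]

# Constructed benign trace: nothing here was written by a traced process.
BENIGN_EVENTS = [
    {"event": "process_create", "pid": 2000, "parent_pid": 1, "image": r"C:\Windows\System32\notepad.exe"},
    {"event": "image_load", "pid": 2000, "image": r"C:\Windows\System32\kernel32.dll"},
    {"event": "registry_set", "pid": 2000, "key": r"HKCU\Software\Example\Settings",
     "value_name": "Theme", "data": "dark"},
    {"event": "file_read", "pid": 2000, "path": r"C:\Users\victim\Documents\notes.txt"},
]


def analyse(events):
    """Return (signature, pid, detail) tuples in trace order."""
    dropped = {}      # lower-cased path -> pid of the process that wrote it
    findings = []
    for e in events:
        kind = e["event"]
        if kind == "file_create":
            path = e["path"].lower()
            dropped[path] = e["pid"]
            if STARTUP_DIR in path:
                findings.append(("drops_startup_file", e["pid"], e["path"]))
        elif kind == "process_create":
            # Only an image written earlier in this same trace counts as "dropped".
            if e["image"].lower() in dropped:
                findings.append(("executes_dropped_exe", e["pid"], e["image"]))
        elif kind == "image_load":
            image = e["image"].lower()
            if image in dropped and image.endswith(".dll"):
                findings.append(("loads_dropped_dll", e["pid"], e["image"]))
        elif kind == "registry_set":
            if RUN_KEY in e["key"].lower():
                findings.append(("adds_run_key", e["pid"], f"{e['value_name']} = {e['data']}"))
        elif kind == "file_read":
            if e["path"].lower().endswith(BROWSER_DATA_FILES):
                findings.append(("reads_browser_data", e["pid"], e["path"]))
    return findings


def signatures(events):
    """Distinct signature names, sorted, for a quick verdict line."""
    return sorted({name for name, _, _ in analyse(events)})


if __name__ == "__main__":
    for sig, pid, detail in analyse(SAMPLE_EVENTS):
        print(f"{sig:22} pid={pid} {detail}")
    print("benign trace:", signatures(BENIGN_EVENTS))
```

The "dropped" bookkeeping is what separates the two execution signatures from ordinary process starts: an executable or DLL is only interesting if a traced process wrote it first, which is also why the benign trace, which loads the same kernel32.dll, produces nothing.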
