General

  • Target

    559d58130a934f025e58ef2b341748a7976dc38e3ac61914a9957723005a7d0b

  • Size

    1.7MB

  • Sample

    241026-dthmjswnhm

  • MD5

    1902e89334952e5190f59e7effd83c66

  • SHA1

    090526c53bb5565342fda379e2f3f1208cd68a27

  • SHA256

    559d58130a934f025e58ef2b341748a7976dc38e3ac61914a9957723005a7d0b

  • SHA512

    80d72061a5890ab302005f79f111c15f59100f36eef6fdd0b2e03d6911910e5992e596d5d3c81b6922720d6c936716cff747b33873e8dfd2b8e701c662517078

  • SSDEEP

    24576:zWd7S8NK3oYykTcDvebZI7LrS/85RkVt7jjHpaNur4lXuz2f1rdZF/:zKxNuykTcKb4rSUfkVFjjJaN7oz63X
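The hashes above are the indicators a responder would match a suspect file against. The following is an added example, not part of this report or the sandbox's tooling: it computes MD5, SHA1, SHA256 and SHA512 in one streaming pass over a file and reports which of the digests listed on this page match. The IOC values are copied from this page; the function names, the chunk size and the command-line interface are this example's own choices.

```python
import hashlib
import sys
from typing import Dict, Iterable, List

# Digests reported on this page for the analysed sample (lowercase hex).
REPORTED_IOCS: Dict[str, str] = {
    "md5": "1902e89334952e5190f59e7effd83c66",
    "sha1": "090526c53bb5565342fda379e2f3f1208cd68a27",
    "sha256": "559d58130a934f025e58ef2b341748a7976dc38e3ac61914a9957723005a7d0b",
    "sha512": (
        "80d72061a5890ab302005f79f111c15f59100f36eef6fdd0b2e03d6911910e59"
        "92e596d5d3c81b6922720d6c936716cff747b33873e8dfd2b8e701c662517078"
    ),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four hashers so the data is read only once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file from disk in 1 MiB chunks (chunk size is an arbitrary choice)."""
    with open(path, "rb") as f:
        return digest_chunks(iter(lambda: f.read(chunk_size), b""))


def match_iocs(digests: Dict[str, str], iocs: Dict[str, str] = REPORTED_IOCS) -> List[str]:
    """Return the names of the algorithms whose digest equals the reported IOC.

    Comparison is case-insensitive because IOC feeds mix upper and lower hex.
    A genuine match on this sample hits all four; a hit on MD5 or SHA1 alone
    deserves suspicion, since both are collision-prone.
    """
    return [
        name
        for name in ALGORITHMS
        if name in iocs and digests.get(name, "").lower() == iocs[name].lower()
    ]


def check_file(path: str) -> List[str]:
    """Hash a file and return the list of matching IOC algorithms (empty if none)."""
    return match_iocs(digest_file(path))


if __name__ == "__main__":
    for target in sys.argv[1:]:
        hits = check_file(target)
        verdict = "MATCH (%s)" % ", ".join(hits) if hits else "no match"
        print(f"{target}: {verdict}")
```

Run it as `python check_iocs.py suspect.exe`; a file that is this sample reports all four algorithms, while a file that matches only MD5 or SHA1 should be treated as a possible collision rather than a confirmed hit.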

Malware Config

Targets

    • Target

      559d58130a934f025e58ef2b341748a7976dc38e3ac61914a9957723005a7d0b

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile files such as saved logins, cookies and session tokens, which can be replayed to hijack accounts.

    • Creates a large amount of network flows

      A large number of flows to many distinct hosts or ports in a short time may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
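The two described signatures above (reads of browser profile data and a large number of network flows) are heuristics a detection engineer can reproduce over host telemetry. The following is an added example, not the sandbox's signature code: it runs both checks over a small set of constructed events. The event tuples, process IDs, paths, the browser artefact list and the threshold of 50 distinct destinations are all assumptions of this example; counting distinct destinations rather than raw flow count is this example's refinement of the "large amount of network flows" signal, since repeated connections to one server are not a scan.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

Event = Tuple[int, str, str]  # (pid, kind, detail); kind is "file_read" or "connect"

# Constructed sample telemetry, not taken from the report.
SAMPLE_EVENTS: List[Event] = [
    (4120, "file_read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (4120, "file_read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"),
    (4120, "file_read", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"),
    (4120, "file_read", r"C:\Windows\System32\kernel32.dll"),
    (1337, "file_read", r"C:\Users\victim\Documents\notes.txt"),
] + [(4120, "connect", f"10.0.0.{host}:445") for host in range(1, 61)] \
  + [(1337, "connect", "93.184.216.34:443")]

# Path fragments (forward slashes, lower case) that identify a browser profile
# directory, and the artefact file names an infostealer typically reads from it.
BROWSER_PROFILE_MARKERS = (
    "/google/chrome/user data/",
    "/microsoft/edge/user data/",
    "/mozilla/firefox/profiles/",
)
BROWSER_ARTEFACTS = ("login data", "cookies", "web data", "history", "logins.json", "key4.db")

FLOW_THRESHOLD = 50  # distinct destinations per process; assumed value, tune per environment


def _norm(path: str) -> str:
    return path.replace("\\", "/").lower()


def browser_profile_reads(events: Iterable[Event]) -> Dict[int, List[str]]:
    """Map pid -> list of browser profile artefacts that process read."""
    hits: Dict[int, List[str]] = defaultdict(list)
    for pid, kind, detail in events:
        if kind != "file_read":
            continue
        path = _norm(detail)
        in_profile = any(marker in path for marker in BROWSER_PROFILE_MARKERS)
        is_artefact = any(path.endswith(name) for name in BROWSER_ARTEFACTS)
        if in_profile and is_artefact:
            hits[pid].append(detail)
    return dict(hits)


def distinct_destinations(events: Iterable[Event]) -> Dict[int, int]:
    """Map pid -> number of distinct ip:port destinations it connected to."""
    dests: Dict[int, set] = defaultdict(set)
    for pid, kind, detail in events:
        if kind == "connect":
            dests[pid].add(detail)
    return {pid: len(targets) for pid, targets in dests.items()}


def scan_like_processes(events: Iterable[Event], threshold: int = FLOW_THRESHOLD) -> List[int]:
    """Processes whose distinct-destination count reaches the threshold."""
    return sorted(pid for pid, n in distinct_destinations(events).items() if n >= threshold)


def triage(events: List[Event]) -> Dict[str, List[int]]:
    """Emit both signatures in the shape a report would list them."""
    return {
        "reads_browser_data": sorted(browser_profile_reads(events)),
        "many_network_flows": scan_like_processes(events),
    }


if __name__ == "__main__":
    for name, pids in triage(SAMPLE_EVENTS).items():
        print(f"{name}: {pids}")
```

In the constructed data only pid 4120 trips both checks: it touches three browser artefacts and opens 60 distinct SMB destinations, while pid 1337 reads an ordinary document and talks to one HTTPS server. The file-read check deliberately requires both a profile directory and an artefact name, so a process reading an unrelated file under the profile directory is not flagged.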

MITRE ATT&CK Enterprise v15

Tasks