General

  • Target

    4aae49c1596dd8795042796d3970c16e50c2141ed1e5fc0f02bc5ec72272abfaN

  • Size

    2.6MB

  • Sample

    241026-fnaqvsxrc1

  • MD5

    85cf0723fe174717eb2911e35f292780

  • SHA1

    b1a8817c0c15845fc512bef2c2b1800f0a4f6a50

  • SHA256

    4aae49c1596dd8795042796d3970c16e50c2141ed1e5fc0f02bc5ec72272abfa

  • SHA512

    4f42f404071305617932d621aa3f4f558a9968393da37fef07a36f61592646c3bf54f0349f16bf54ca79c127da5d69a78bc1540d08991976f098ccf20a97cc39

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBrB/bS:sxX7QnxrloE5dpUpMb

Targets

    • Target

      4aae49c1596dd8795042796d3970c16e50c2141ed1e5fc0f02bc5ec72272abfaN

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Adds Run key to start application
