General

  • Target

    27eef5b9c161cf6bbeed29c6f03477a367adceeada9c80f0ec62bd95c931f65b

  • Size

    70KB

  • Sample

    241026-fy1d9s1gmp

  • MD5

    063c8e467d2e3c2a0386a365c4c9eaca

  • SHA1

    4c427b33c71e2abbd71378b01fe0e137d9682166

  • SHA256

    27eef5b9c161cf6bbeed29c6f03477a367adceeada9c80f0ec62bd95c931f65b

  • SHA512

    e395f412c05cf4f815fcb09d7afe364543e6e5bca8b2253fcaf753cfd15d1ee85a31da5945d971ee4a9b93bfc7ecac9ed4bb9f373519bed048171b66e8a0878a

  • SSDEEP

    1536:I4we+Zk77RNzLiTOPriw+d9bHrkT5gUHz7FxtJ:I4we+aX3zvPrBkfkT5xHzD

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks