General

  • Target

    421895599af99e0f9736e956e211508b61607d232afa91ffb6b4fb7ecb329884

  • Size

    717KB

  • Sample

    241026-fyr3wszgnh

  • MD5

    f93eb8fc528a594d467cc5e01466e393

  • SHA1

    f754518f26ed31a027b36acaec97070ad21c0d40

  • SHA256

    421895599af99e0f9736e956e211508b61607d232afa91ffb6b4fb7ecb329884

  • SHA512

    804e532c87e4346fcbbaf27ed6762e44a111c3076d1fa63c18b037c2cfa244826e09b5002c2c1855140e57c40e7ae60525d955a3c1d9ee87752551abe1efa397

  • SSDEEP

    12288:fl+agfC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:dBMLOS2opPIXV

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
