General

  • Target

    61da82f193ef5afc06e7dca8699ea0f38a965001307a187c623c8f1a9c7dac41

  • Size

    1.1MB

  • Sample

    241026-fysdnayjb1

  • MD5

    f8b7590d629a1561734035ca84b0c09b

  • SHA1

    f1b5e0d581eb96a8b47f85db37655e7cf63317d2

  • SHA256

    61da82f193ef5afc06e7dca8699ea0f38a965001307a187c623c8f1a9c7dac41

  • SHA512

    a960ee0753d6883b8b59b27fb002070f22b139281ec8b6702a025aa88b1dca42fd10711d54059f583f16ff9ee5274939602b8cbef6f4f23f6c58747065cdd589

  • SSDEEP

    24576:dB0f9AiKGpEoQpkN2C4McuKo0GTNJpyT5RGeQa0s:dB0+GtCi27mVHyT+a0s

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile contents.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks