General

  • Target

    0f86ad3c3f867aadeb19b0d2a953fb96b2d38033efd5944ac5e41ba4c42f4998

  • Size

    5.7MB

  • Sample

    241026-fywq3sxqbn

  • MD5

    26da089e3c254389a1a438093472a5f2

  • SHA1

    0261a9bd8f2b172e5a086776b00959a4f0760d95

  • SHA256

    0f86ad3c3f867aadeb19b0d2a953fb96b2d38033efd5944ac5e41ba4c42f4998

  • SHA512

    385aa8fb1ae224bb7cca9d0de51e26d9062606d94fa04960732baf051f7f10fbc503dd0d25b2e7d9d9b2554969c109677f9d9ffe2f2d2ff3a0493b7ae4b8e94d

  • SSDEEP

    49152:dBsPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:dEKUgTH2M2m9UMpu1QfLczqssnKSk

Targets

    • Target

      0f86ad3c3f867aadeb19b0d2a953fb96b2d38033efd5944ac5e41ba4c42f4998

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
