General

  • Target

    TEST..exe

  • Size

    22.5MB

  • Sample

    241026-fz6mnsxqcq

  • MD5

    f1e901aa4008fcd9c7463cb3fef8d33a

  • SHA1

    636b550e9bb5379d4a87c6711fff85c8e5939e11

  • SHA256

    b4a5392fe433b3647a8b9e9d8d42475dd1c9c8519798edbab270f0506559d4e3

  • SHA512

    ecd666243103d10e7b6d28d103e6ddc788eaf8ac3c0d5a23fab91bdaf51794fecfb5d4501c259c9c19afa91b5161a3ce1372edb5775a304d9400a5f848a770f9

  • SSDEEP

    393216:yE2LYKd1QLdCTGz7k9IHSiK1piXLGVE4aPv3NMso0FdYNG2L:yI4uf7kDiXHFPvS62L

Malware Config

Targets

    • Target

      TEST..exe

    • Size

      22.5MB

    • MD5

      f1e901aa4008fcd9c7463cb3fef8d33a

    • SHA1

      636b550e9bb5379d4a87c6711fff85c8e5939e11

    • SHA256

      b4a5392fe433b3647a8b9e9d8d42475dd1c9c8519798edbab270f0506559d4e3

    • SHA512

      ecd666243103d10e7b6d28d103e6ddc788eaf8ac3c0d5a23fab91bdaf51794fecfb5d4501c259c9c19afa91b5161a3ce1372edb5775a304d9400a5f848a770f9

    • SSDEEP

      393216:yE2LYKd1QLdCTGz7k9IHSiK1piXLGVE4aPv3NMso0FdYNG2L:yI4uf7kDiXHFPvS62L

    • Command and Scripting Interpreter: PowerShell

      Executes commands via powershell.exe.

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Legitimate hosting services abused for malware hosting/C2

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Target

      TEST..pyc

    • Size

      44KB

    • MD5

      3bc45f898790b6520d92a2b65e0753fa

    • SHA1

      3ee68a0ac7148fe1870f0daaabe6fc8394ce78c0

    • SHA256

      ea4598699f53932dda02ff37a3c8d42be5906575cb83ffe6afb2f828a6deb834

    • SHA512

      e368ac841a08e1a273296f21c992c0232651880d2f3d8412abbbe477d73e0771e1748484a9087aac8cc6f0aefdc3e846837db56abbacf09ddadeb1001578053e

    • SSDEEP

      768:G92WdgwyvzwRWTLWqp5geeiFk0vdu5ju/t8C0CpeUOY/S4jAxhCoDlhLxX1itJg:G92WmzUApHFlG+Ox4jmhCoDlhLxlic

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks