General

  • Target

    OperaGXSetup (1).exe

  • Size

    3.2MB

  • Sample

    241027-r6sj6swmhk

  • MD5

    3ced0af25daa632ed236f33d040af4d1

  • SHA1

    9c192981c7de834147ef30488850323c00f3d4c9

  • SHA256

    67e287c9c44495bc55826ecf887f87ddcbeb58ba44d1a4d0329cb8e5e1b6b31f

  • SHA512

    99e9677e70f54ffe88d5383bd22609f4be6f752ec9bb337720f4441e408918743b5cf3463abc6dd76399486a6be845c69c47212ece988256e72fe66e76293d6b

  • SSDEEP

    49152:FVAbwPZo8iIk9k6qkbnzlpp+E6k5ucpKx9OA/cIq6XdEHi8kmtxvDTZvjFhBvm:zA4diGkbnfMEZEcpwHq6NMiaDNbM

Malware Config

Targets

    • Target

      OperaGXSetup (1).exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks