General

  • Target

    54adff58e3da86af0ba8d91fb5ac943a941bc72c305018f95ea18b744869a45bN

  • Size

    1.8MB

  • Sample

    241027-wt9p5szgpf

  • MD5

    e132cf641d1ea37db455dacea6f46130

  • SHA1

    35a219be7c395ef4e1142c067e09409ab92549f2

  • SHA256

    54adff58e3da86af0ba8d91fb5ac943a941bc72c305018f95ea18b744869a45b

  • SHA512

    9847d5400001626d07b99142283593c5e0ba02ddb71870ad49c60c1eac0f54f3ba8529e7c6bfc4de17965aad61aca759bd53cee2af2149347b4622a7c2af87c1

  • SSDEEP

    24576:smlIHhv8Sjl43/gjAsN9BT8VI+kmJpRzAOktqC8AZAbUOoT3RgUuHLUAS799YRmF:smlI/BlNHakmP/ktmAzCUko7ak

Malware Config

Targets

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

MITRE ATT&CK Enterprise v15

Tasks