General

  • Target

    20c9534b644226f04b74eb21eae5c32d25cdc792bdced85258d97c19b178060eN

  • Size

    3.2MB

  • Sample

    241027-xekyxaylaz

  • MD5

    ed6e0ce70109b66fa3cf6b56c0d15a60

  • SHA1

    d81f42b8e59ce791f0b1f38bc93a836665d07856

  • SHA256

    20c9534b644226f04b74eb21eae5c32d25cdc792bdced85258d97c19b178060e

  • SHA512

    e7958d8d2177e61cad89a51e70615389ec41207d4847fa08c4b9e9e953d5eed70c279dd9afb7cb0e82a96a4f2b9af33db551c258a814e74e2995dfaeba5a486e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB7B/bSqz8b6LNXJqI20t:sxX7QnxrloE5dpUpMbVz8eLFcz
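The four digests above are the identifiers a responder uses to confirm that a file found on a host is this sample. The following Python script is an added example, not part of the sandbox report: it streams a file through MD5, SHA1, SHA256 and SHA512 in one pass, compares the results with the report's values, and flags the case where only some digests match (a stale or tampered indicator feed, or a deliberate MD5/SHA1 collision). SSDEEP is not included because the standard library has no fuzzy hashing; the third-party ssdeep module would be needed for that. File paths are taken from the command line; the empty-buffer digests in the comments are well-known constants, not report data.

```python
"""Check a file on disk against the digests listed in this sandbox report."""
from __future__ import annotations

import hashlib
import sys
from pathlib import Path

# Digests exactly as listed in the report (hex, lower case).
SAMPLE_HASHES = {
    "md5": "ed6e0ce70109b66fa3cf6b56c0d15a60",
    "sha1": "d81f42b8e59ce791f0b1f38bc93a836665d07856",
    "sha256": "20c9534b644226f04b74eb21eae5c32d25cdc792bdced85258d97c19b178060e",
    "sha512": "e7958d8d2177e61cad89a51e70615389ec41207d4847fa08c4b9e9e953d5eed70c279dd9afb7cb0e82a96a4f2b9af33db551c258a814e74e2995dfaeba5a486e",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Verdicts returned by classify().
MATCH, NO_MATCH, PARTIAL = "match", "no-match", "partial"


def _new_hashers() -> dict[str, "hashlib._Hash"]:
    return {alg: hashlib.new(alg) for alg in ALGORITHMS}


def hash_bytes(data: bytes) -> dict[str, str]:
    """Compute all four digests of an in-memory buffer in a single pass."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def hash_file(path: str | Path, chunk_size: int = 1 << 20) -> dict[str, str]:
    """Stream a file through all four hashers so a multi-megabyte sample
    (this one is 3.2MB) is never read into memory at once."""
    hashers = _new_hashers()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def match_iocs(digests: dict[str, str], iocs: dict[str, str] = SAMPLE_HASHES) -> set[str]:
    """Return the algorithms whose digest equals the report's value.
    Comparison is case-insensitive because indicator feeds mix upper- and lower-case hex."""
    return {
        alg
        for alg, hexdigest in digests.items()
        if alg in iocs and iocs[alg].lower() == hexdigest.lower()
    }


def classify(matched: set[str]) -> str:
    """Turn the set of matching algorithms into a verdict.

    A partial match (e.g. MD5 agrees but SHA256 does not) must never be
    treated as a hit: either the indicator feed is wrong, or someone built a
    collision for the weak hash.  Either way it needs a human look."""
    if matched == set(ALGORITHMS):
        return MATCH
    if not matched:
        return NO_MATCH
    return PARTIAL


def check_path(path: str | Path) -> tuple[str, set[str]]:
    """Hash a file and report (verdict, matching algorithms)."""
    matched = match_iocs(hash_file(path))
    return classify(matched), matched


if __name__ == "__main__":
    # Usage: python check_sample.py <file> [<file> ...]
    for arg in sys.argv[1:]:
        verdict, matched = check_path(arg)
        print(f"{arg}: {verdict} ({', '.join(sorted(matched)) or 'none'})")
```

Treat a SHA256 match as the authoritative identification; MD5 and SHA1 are retained only because older feeds and AV logs still report them.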

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks