General

  • Target

    52842ee069de015a83bcc14d4469b7a210ed841ec9351c68b80da4e8e61c72b6N

  • Size

    1.9MB

  • Sample

    241030-tw9f2sxepl

  • MD5

    086c8d560aa7f798c0d834cc265ddf00

  • SHA1

    9ebd83183e8637de91538d952045a9553a3a6b44

  • SHA256

    52842ee069de015a83bcc14d4469b7a210ed841ec9351c68b80da4e8e61c72b6

  • SHA512

    35482c690189413d7d1c2d5ee192b572ac40aac1d6badde25e72ee4944c9740d8378eb9eba7610065f9f24fe23216b2244d7cf345c103992c4d4bf5f011601be

  • SSDEEP

    49152:BMwEeY//IQhJowy+T1MwEeY//IQhJowy+Tq:CuY/XhMuY/Xho

Malware Config

Targets

    • Target

      52842ee069de015a83bcc14d4469b7a210ed841ec9351c68b80da4e8e61c72b6N

    • Size

      1.9MB

    • MD5

      086c8d560aa7f798c0d834cc265ddf00

    • SHA1

      9ebd83183e8637de91538d952045a9553a3a6b44

    • SHA256

      52842ee069de015a83bcc14d4469b7a210ed841ec9351c68b80da4e8e61c72b6

    • SHA512

      35482c690189413d7d1c2d5ee192b572ac40aac1d6badde25e72ee4944c9740d8378eb9eba7610065f9f24fe23216b2244d7cf345c103992c4d4bf5f011601be

    • SSDEEP

      49152:BMwEeY//IQhJowy+T1MwEeY//IQhJowy+Tq:CuY/XhMuY/Xho

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks