Resubmissions

30-10-2024 18:56

241030-xlpwfayjes 10

30-10-2024 18:54

241030-xkh2hazbkd 10

30-10-2024 12:18

241030-pgs4astcnr 10

30-10-2024 00:51

241030-a7ldtavjar 10

General

  • Target

    main.exe

  • Size

    17.9MB

  • Sample

    241030-xkh2hazbkd

  • MD5

    730fc86da627a409e79927e3d7a4c134

  • SHA1

    b6d604d54f768ffa2ee23f392f00923f577477e7

  • SHA256

    d3976032b4f070c0869f16149179df984ef6c479d1b510062ced4cda55bd17b8

  • SHA512

    b5f7696b65ee1e4b6f0baf7b01080b2d08afcdea916f035c7abe68774cc3278989bb0375a95e8c65180738fed4c0d8d7f923b8a5a459999d169202aaa1b88a50

  • SSDEEP

    393216:oqPnLFXlrzQMDOETgsvfGlgQnZvEnY9dDunE3q:ZPLFXNzQREorOnK1uh

Malware Config

Targets

    • Target

      main.exe

    • Size

      17.9MB

    • MD5

      730fc86da627a409e79927e3d7a4c134

    • SHA1

      b6d604d54f768ffa2ee23f392f00923f577477e7

    • SHA256

      d3976032b4f070c0869f16149179df984ef6c479d1b510062ced4cda55bd17b8

    • SHA512

      b5f7696b65ee1e4b6f0baf7b01080b2d08afcdea916f035c7abe68774cc3278989bb0375a95e8c65180738fed4c0d8d7f923b8a5a459999d169202aaa1b88a50

    • SSDEEP

      393216:oqPnLFXlrzQMDOETgsvfGlgQnZvEnY9dDunE3q:ZPLFXNzQREorOnK1uh

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks