General

  • Target

    498bdb531edcd99d85464d0717b790138a3e76950c24f2cf9a141e020e8c7b21N

  • Size

    2.6MB

  • Sample

    241031-cac3aaxaqp

  • MD5

    a15549388e8505b38d0cbc086ab21650

  • SHA1

    ffd85f890273c73fe210f5c2feb0008b853c62b5

  • SHA256

    498bdb531edcd99d85464d0717b790138a3e76950c24f2cf9a141e020e8c7b21

  • SHA512

    1973395607f23f5e2face253dd5bd8cdd8c830ca589263628b0b4f83d4828911a4994a5db9621095023b1360414a976a05c73b5aece9a8528ef30b486c317d0f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB+B/bS:sxX7QnxrloE5dpUplb

Targets

    • Target

      498bdb531edcd99d85464d0717b790138a3e76950c24f2cf9a141e020e8c7b21N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
