General

  • Target

    Yhitogajykolezevegusezapo.exe

  • Size

    134KB

  • Sample

    241101-sw8zvatmek

  • MD5

    5eb0d75dbafa47424858e11abc7e045b

  • SHA1

    bd9b9a02046cea9d06fe1ab4b7cbef3ede73aa28

  • SHA256

    725e35a058040e4caadcd5f85e189093c4511280133e4182bf93bf37b7ff4400

  • SHA512

    96706ebc6e8113d59dc5b2f07e693d82a5b31953ce457192189c1a0de0487ae4efadb7478a22bc3ab741de6472de6a7680118ec92e652a391798f709bd7a0637

  • SSDEEP

    3072:ysqTjVxXwcaRJWlqebYeOPq3W6owAekpOGd1rpN/tX:ysqT/wcmmtoyWNwAezGrpN/

Targets

    • Uses browser remote debugging

      Can be used to control the browser and steal sensitive information such as credentials and session cookies.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.
