General

  • Target

    fbbe7479389b0145d4c06e514176513a627cc16fb762972d5b2c9b0becc61ff6

  • Size

    1.4MB

  • Sample

    241104-j4njfaxhqk

  • MD5

    76d5e5e36e3dd07c9394fecace26bffc

  • SHA1

    69004dead686db275d3921a106773e9d17fbf93d

  • SHA256

    fbbe7479389b0145d4c06e514176513a627cc16fb762972d5b2c9b0becc61ff6

  • SHA512

    b435579e53e31bf3f32ab812a8d1e1da989ba179eec007fd19f86b18054d2f6811023dc6d8c9557ed5d0e4f37d8ae3d1fd8c93db82b256c06d0f825e169631dc

  • SSDEEP

    24576:9M/OP0Z/V6izJr5XcJfRi4PxiEw/+Pqwr6GBm0e9UyiL100RZBFP:sOPW/Mi95XcJfgixrw/yqs6GS9HiCMZ/
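Before detonating or reversing a sample, confirm the file on disk is the one this report describes. The script below is an added example, not part of the sandbox report: it recomputes the four cryptographic digests listed above with Python's hashlib in a single pass and reports which ones differ from the report's values. The SSDEEP comparison is optional because it depends on the third-party `ssdeep` package; the helper names and the command-line usage are this example's own.

```python
"""Verify that a local file matches the digests listed in the report (added example)."""
import hashlib
import sys

# Indicators copied from the report's General section.
REPORT_HASHES = {
    "md5": "76d5e5e36e3dd07c9394fecace26bffc",
    "sha1": "69004dead686db275d3921a106773e9d17fbf93d",
    "sha256": "fbbe7479389b0145d4c06e514176513a627cc16fb762972d5b2c9b0becc61ff6",
    "sha512": ("b435579e53e31bf3f32ab812a8d1e1da989ba179eec007fd19f86b18054d2f68"
               "11023dc6d8c9557ed5d0e4f37d8ae3d1fd8c93db82b256c06d0f825e169631dc"),
}
REPORT_SSDEEP = ("24576:9M/OP0Z/V6izJr5XcJfRi4PxiEw/+Pqwr6GBm0e9UyiL100RZBFP:"
                 "sOPW/Mi95XcJfgixrw/yqs6GS9HiCMZ/")

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(chunks):
    """Feed an iterable of byte chunks to all four hashers in one pass over the data."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data):
    """Digest an in-memory byte string (handy for tests and small samples)."""
    return digest_stream([data])


def digest_file(path, chunk_size=1 << 20):
    """Digest a file in 1 MiB chunks so large samples never load fully into memory."""
    with open(path, "rb") as f:
        return digest_stream(iter(lambda: f.read(chunk_size), b""))


def compare_with_report(digests, report=REPORT_HASHES):
    """Return the algorithm names whose digest differs from the report (case-insensitive).

    An empty list means every listed digest matched, i.e. this is the reported sample.
    """
    return [name for name in ALGORITHMS
            if digests[name].lower() != report[name].lower()]


def ssdeep_similarity(path, report_hash=REPORT_SSDEEP):
    """Fuzzy-hash similarity (0-100) with the report's SSDEEP value.

    Returns None when the optional third-party `ssdeep` module is not installed.
    A high score on a file whose exact digests differ suggests a repacked variant.
    """
    try:
        import ssdeep  # third-party: pip install ssdeep
    except ImportError:
        return None
    return ssdeep.compare(ssdeep.hash_from_file(path), report_hash)


if __name__ == "__main__":
    # Usage: python verify_sample.py <file>
    target = sys.argv[1]
    mismatches = compare_with_report(digest_file(target))
    if mismatches:
        print("digest mismatch for:", ", ".join(mismatches))
    else:
        print("file matches every digest in the report")
    score = ssdeep_similarity(target)
    if score is not None:
        print("ssdeep similarity to report:", score)
```

Exact digests answer "is this the same file?"; only the fuzzy hash can say "is this a close relative?", which is why the report lists both.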

Malware Config

Targets

    • Target

      fbbe7479389b0145d4c06e514176513a627cc16fb762972d5b2c9b0becc61ff6

    • Size

      1.4MB

    • MD5

      76d5e5e36e3dd07c9394fecace26bffc

    • SHA1

      69004dead686db275d3921a106773e9d17fbf93d

    • SHA256

      fbbe7479389b0145d4c06e514176513a627cc16fb762972d5b2c9b0becc61ff6

    • SHA512

      b435579e53e31bf3f32ab812a8d1e1da989ba179eec007fd19f86b18054d2f6811023dc6d8c9557ed5d0e4f37d8ae3d1fd8c93db82b256c06d0f825e169631dc

    • SSDEEP

      24576:9M/OP0Z/V6izJr5XcJfRi4PxiEw/+Pqwr6GBm0e9UyiL100RZBFP:sOPW/Mi95XcJfgixrw/yqs6GS9HiCMZ/

    • ACProtect 1.3x - 1.4x DLL software

      Static signature match for the ACProtect packer/protector (1.3x - 1.4x DLL variant); the file is protected and has to be unpacked before the real code can be analysed statically.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects (MITRE ATT&CK T1546.015). Per-user COM registrations under HKCU\Software\Classes take precedence over the machine-wide ones in HKLM, so rewriting a CLSID's InprocServer32 path there redirects every process that instantiates that object to the attacker's DLL, with no administrative rights required.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, autofill data and browsing history.

    • Adds Run key to start application

      Writes a value under a Software\Microsoft\Windows\CurrentVersion\Run key so the program is launched again at every logon; a common persistence mechanism.

    • Checks installed software on the system

      Looks up the subkeys of Software\Microsoft\Windows\CurrentVersion\Uninstall in the registry to enumerate installed software, typically to fingerprint the host or to spot security products and analysis tools.

    • Checks whether UAC is enabled

      Typically done by reading the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, a common pre-check before attempting to gain administrative rights.

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer. Since this sample also matches the ACProtect signature above, treat both packer identifications as byte-pattern heuristics and confirm them against the section headers and entry point before choosing an unpacking approach.
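Most of the behaviours flagged above are visible as registry and file activity, which is how a sandbox (or a host-based detection) can attribute them. The following is an added example and not the sandbox's own signature code: it applies simple rules built on the well-known locations behind each behaviour to a constructed API trace (one `api|path|value` line per call; that line format, the CLSID and SID placeholders, and the function names are this example's assumptions) and reports which of the report's signature names fire. The negative check matters: a machine-wide COM registration under HKLM is what installers legitimately do, so only the per-user HKCU/HKU write counts as hijacking.

```python
"""Match registry/file API activity to the behaviour signatures in the report (added example)."""
import re

# Per-user COM registration. Writing a CLSID's InprocServer32/LocalServer32 under
# HKCU (or HKU\<SID>) overrides the HKLM registration for that user without admin
# rights, which is the COM hijacking behaviour.
COM_HIJACK = re.compile(
    r"^(HKCU|HKU\\[^\\]+)\\Software\\Classes\\CLSID\\\{[0-9A-Fa-f-]{36}\}\\"
    r"(InprocServer32|LocalServer32|TreatAs)(\\|$)", re.I)
# Logon persistence via Run/RunOnce keys (any hive).
RUN_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?(\\|$)", re.I)
# Installed-software enumeration via the Uninstall key (native and 32-bit views).
UNINSTALL_KEY = re.compile(
    r"\\Software\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)
# UAC state lives in EnableLUA under this key.
UAC_KEY = re.compile(
    r"^HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$", re.I)
# Browser profile files that hold saved credentials, cookies and sessions.
BROWSER_DATA = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.I)

WRITE_APIS = {"RegSetValueExW", "RegSetValueExA", "RegSetValueW", "RegSetValueA"}
READ_APIS = {"RegQueryValueExW", "RegQueryValueExA", "RegEnumKeyExW", "RegEnumKeyExA",
             "RegOpenKeyExW", "RegOpenKeyExA"}
FILE_APIS = {"CreateFileW", "CreateFileA", "NtCreateFile", "CopyFileW"}

# Constructed trace for illustration; the CLSID is a placeholder, not a real object.
SAMPLE_TRACE = r"""
# api|path|value
RegSetValueExW|HKCU\Software\Classes\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32|(Default)
RegSetValueExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater
RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|
RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA
CreateFileW|C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data|
"""


def parse_trace(text):
    """Yield (api, path, value_name) from 'api|path|value' lines, skipping blanks/comments."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split("|")
        api = parts[0]
        path = parts[1] if len(parts) > 1 else ""
        value = parts[2] if len(parts) > 2 else ""
        yield api, path, value


def fire_signatures(trace_text):
    """Return the set of report signature names whose rule matched the trace."""
    fired = set()
    for api, path, value in parse_trace(trace_text):
        if api in WRITE_APIS:
            if COM_HIJACK.search(path):
                fired.add("Event Triggered Execution: Component Object Model Hijacking")
            if RUN_KEY.search(path):
                fired.add("Adds Run key to start application")
        elif api in READ_APIS:
            if UNINSTALL_KEY.search(path):
                fired.add("Checks installed software on the system")
            if UAC_KEY.search(path) and value.lower() == "enablelua":
                fired.add("Checks whether UAC is enabled")
        elif api in FILE_APIS and BROWSER_DATA.search(path):
            fired.add("Reads user/profile data of web browsers")
    return fired


if __name__ == "__main__":
    for name in sorted(fire_signatures(SAMPLE_TRACE)):
        print("fired:", name)
```

Registry reads such as the Uninstall enumeration and the EnableLUA query are only observable with API hooking or ETW; Sysmon's registry events cover writes, so a host-based port of these rules would keep the COM hijack and Run key checks and drop the two read-based ones.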

MITRE ATT&CK Enterprise v15

Tasks