General

  • Target

    465a1cefe61446110cc521d376651a5074fb87295da5fd64bd74fd25cbab669b

  • Size

    6.7MB

  • Sample

    241105-2pypza1cnl

  • MD5

    b7f5c14a24d91d8fa8834b4d789104cc

  • SHA1

    1a15d377e5d21adab374d53f3c8df88defc67b17

  • SHA256

    465a1cefe61446110cc521d376651a5074fb87295da5fd64bd74fd25cbab669b

  • SHA512

    8998f6d299519e5110b60ee08bcf7ad965692460089eb19fba6f6438c9cc0cf162a798e1fbc40ebcf7d58a1da30764c3065846998328978d3b80e1b30512c676

  • SSDEEP

    49152:7TEDHrpFgMbOOH0DP/jYPVrClP2Ceh/4dXuDOpyJWkqGzfbechxeW2PCXrK9b65n:7T04MbO2y/ENroPo94BCO4fGPC7Kso+

Malware Config

Targets

    • Uses browser remote debugging

      Can be used to control the browser and steal sensitive information such as credentials and session cookies.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks