General

  • Target

    SecuriteInfo.com.Win32.MalwareX-gen.1879.5700.exe

  • Size

    7.0MB

  • Sample

    241105-f1e64svhjb

  • MD5

    bcce9eb019428cf2cc32046b9a9f024c

  • SHA1

    5464ad73e2321959a99301c38bf8d3c53f0565f1

  • SHA256

    f2c4f0c152acbb4a8e575e6095fc84b6df932e114c4f2a32a69d1ed19c1a55f7

  • SHA512

    55932437926ddda92b949a532de464e471b5ba7fad3667451dc748ff79a0bd9b2549e91199d03ebd01dcb85033ff0e2a7a0dfd99f9c56c037ae0ec75b7c9740f

  • SSDEEP

    49152:kL5HL+DFju/m+4jFWIvB3lhyPeGwGJiPqfsJMefqeYhYWMlHmKebuEUw/yJB2sa:kLFle+HIJVhyPMUiyEJpvWK+U

Malware Config

Targets

    • Uses browser remote debugging

      Can be used to control the browser and steal sensitive information such as credentials and session cookies.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks