General

  • Target

    65f95d4c4a4222059284139076292b3617fad9656f16b2e1015b34f81760fefdN

  • Size

    250KB

  • Sample

    241107-s5v5cavjay

  • MD5

    8aba5e010da858c98a0332d6b8d5c2e0

  • SHA1

    3f12540136ff94be4d593e66c4dd7032203e8116

  • SHA256

    65f95d4c4a4222059284139076292b3617fad9656f16b2e1015b34f81760fefd

  • SHA512

    2e140bf0079aa6d0a54c5fc8b1a4ed11890af475fd70bff7fb3f39304afdc49cfe42ad58dadc8287eca7c2a843ce33643584ae3d800acb855653924945e74fa1

  • SSDEEP

    6144:h1OgDPdkBAFZWjadD4s5AbzL+z00ITRYPyt4sTam:h1OgLdaOAbzL+7I+PSTam

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect software protector.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks