General

  • Target

    OperaGXSetup.exe

  • Size

    3.2MB

  • Sample

    241108-1lqphssrep

  • MD5

    7f22c7e8763072efdc85b8d2a6aaca32

  • SHA1

    c896267ee7ea4cb9811710b0bb890dc41548b6b3

  • SHA256

    408c7aeb8f4f7aa34cf388917969d3cae4fc1293b67070109ac5a0170eedb051

  • SHA512

    fbadfff30914065d1f01af6f80f3ac201e1d9d24cf4be9824f52b06d02ce8dc06c650dd3ed0988e195573f0100ed5570fa56abfd134d4fe29be0af2a6eab39ea

  • SSDEEP

    49152:iVAbwEw9pn+uTEa3XAqBfpd9pZBsQggCcL+oVmYRg1+Awf+UW7isjQmwLWrMItvA:mA4+uTEvqBhezcXdG7j7wLW4Iq

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks