General

  • Target

    435aa3606132288933b153fbd1a205458ceb5135dafe3e2f1c512caee68ee3f2

  • Size

    1.8MB

  • Sample

    241108-1ltfeazlax

  • MD5

    290f1370e732982ab38bbee49b28ef2f

  • SHA1

    30ba6ae60443b344721ac3463db892b7ac10c242

  • SHA256

    435aa3606132288933b153fbd1a205458ceb5135dafe3e2f1c512caee68ee3f2

  • SHA512

    663fae5eb144912f717ba9934a77663238c8d4040792331a3e0617f7c966dc5fc6bd6f6e6ed13070abc5d9ddb5051e068ba2cd0be998383a284b491e48b13eb4

  • SSDEEP

    49152:j3dUZTH0LAleiUtytyc6qs17zLUcM5Z4:j3dUZ4N3tytycPs17zYZ

Targets

    • Target

      435aa3606132288933b153fbd1a205458ceb5135dafe3e2f1c512caee68ee3f2

    • Drops file in Drivers directory

      Creates a file under the system Drivers directory (C:\Windows\System32\drivers), the location from which kernel-mode drivers are loaded.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence so the sample refuses to run in certain regions.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Checks installed software on the system

      Enumerates the Uninstall key entries in the registry (under SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall) to list the software installed on the system.

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive, typically to find additional volumes to search.
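
The five behaviours above are sandbox signatures: each is a pattern over the API calls, registry keys and paths the sample touched. As an added illustration of how such signatures are evaluated (example code written for this page, not the sandbox's own rules and not anything recovered from this sample), the Python below runs one regex rule per signature over a constructed event log. The "<API> <path>" event format, the event lines themselves, the file names in them (example.sys, the profile folder name) and the per-rule hit thresholds are all assumptions made for the example.

```python
import re
from collections import defaultdict

# Constructed sample of sandbox-style API events in an assumed "<API> <path>"
# format. These lines were written for this example; none are from the report.
EVENTS = [
    "RegQueryValueExW HKCU\\Control Panel\\International\\Geo\\Nation",
    "RegOpenKeyExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip",
    "RegOpenKeyExW HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome",
    "NtCreateFile C:\\Users\\user\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data",
    "NtCreateFile C:\\Users\\user\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abcd1234.default\\logins.json",
    "NtCreateFile C:\\Windows\\System32\\drivers\\example.sys",
    "NtQueryDirectoryFile D:\\",
    "NtQueryDirectoryFile E:\\",
    "NtQueryDirectoryFile C:\\",
    "CreateProcessW C:\\Windows\\System32\\notepad.exe",
]

# One rule per signature in the report: (name, compiled regex, minimum hits).
# The thresholds are this example's own choice, not the sandbox's.
RULES = [
    # Country/GeoID values under HKCU\Control Panel\International are what a
    # geofence check reads.
    ("Checks computer location settings",
     re.compile(r"\\Control Panel\\International\\(Geo\\Nation|sCountry|iCountry)$", re.I), 1),
    # Walking the Uninstall key enumerates installed software. Require two
    # subkeys so a single lookup of one product does not trigger it.
    ("Checks installed software on the system",
     re.compile(r"\\CurrentVersion\\Uninstall\\", re.I), 2),
    # Credential and cookie stores of Chromium- and Firefox-based browsers.
    ("Reads user/profile data of web browsers",
     re.compile(r"\\(User Data\\.*\\(Login Data|Web Data|Cookies)"
                r"|Firefox\\Profiles\\.*\\(logins\.json|key4\.db|places\.sqlite))$", re.I), 1),
    # Path-only check; a real sandbox also looks at the create disposition and
    # access mask to distinguish a write from a read.
    ("Drops file in Drivers directory",
     re.compile(r"^NtCreateFile .*\\System32\\drivers\\[^\\]+$", re.I), 1),
    # A drive root other than C:\ being listed.
    ("Enumerates connected drives",
     re.compile(r"^\S+ [A-BD-Z]:\\$", re.I), 1),
]

DRIVE_ROOT = re.compile(r"^\S+ ([A-Z]):\\$", re.I)


def match_signatures(events, rules=RULES):
    """Return {signature name: [matching events]} for every rule whose
    threshold is met by the given event lines."""
    hits = defaultdict(list)
    for event in events:
        for name, pattern, _ in rules:
            if pattern.search(event):
                hits[name].append(event)
    return {name: hits[name] for name, _, minimum in rules if len(hits[name]) >= minimum}


def drive_letters(events):
    """Drive roots touched other than C:, as sorted upper-case letters."""
    seen = {m.group(1).upper() for e in events if (m := DRIVE_ROOT.match(e))}
    return sorted(seen - {"C"})


if __name__ == "__main__":
    for name, matched in match_signatures(EVENTS).items():
        print(f"[{name}]")
        for line in matched:
            print("   ", line)
    print("Non-C: drives read:", ", ".join(drive_letters(EVENTS)))
```

Two caveats when reading a report like this one. Each signature is a signal, not proof: a legitimate installer also walks the Uninstall key and a localised application reads the GeoID, so the weight comes from the combination (location check plus browser credential stores plus a driver-directory write). And a path-only rule such as the Drivers one above will fire on a read as well as a write; the sandbox's own rule has access to the create disposition, which this example does not model.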

MITRE ATT&CK Enterprise v15