General

  • Target

    a1c719709b86d03ea22f26eaee1bfa1e7032b1ca6f2922388bc796c3edf84d2dN

  • Size

    2.6MB

  • Sample

    241108-1va1estkbr

  • MD5

    9ebc951d9f3d04ba4d47f1505fee8b90

  • SHA1

    e0a79e1dd7d32d225df7099fde992c04bfd4c97c

  • SHA256

    a1c719709b86d03ea22f26eaee1bfa1e7032b1ca6f2922388bc796c3edf84d2d

  • SHA512

    802fef0c5e9258932e1d4e973edac26d60cfb1399c38593e15a2a484a6b75aa6d15c3a874762d805ea86e6ad7cb31e8141753b9bf053ad06596f5b67edf0b7e4

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUpJb

Malware Config

Targets

    • Target

      a1c719709b86d03ea22f26eaee1bfa1e7032b1ca6f2922388bc796c3edf84d2dN

    • Size

      2.6MB

    • MD5

      9ebc951d9f3d04ba4d47f1505fee8b90

    • SHA1

      e0a79e1dd7d32d225df7099fde992c04bfd4c97c

    • SHA256

      a1c719709b86d03ea22f26eaee1bfa1e7032b1ca6f2922388bc796c3edf84d2d

    • SHA512

      802fef0c5e9258932e1d4e973edac26d60cfb1399c38593e15a2a484a6b75aa6d15c3a874762d805ea86e6ad7cb31e8141753b9bf053ad06596f5b67edf0b7e4

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBKB/bS:sxX7QnxrloE5dpUpJb

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks