General

  • Target

    4b1eef4267c3e8cba2b61c5f3e4d852b9dc3909c8a386754595852d723cc05e9

  • Size

    252KB

  • Sample

    241108-2a6r2azqdw

  • MD5

    ea53e7ecb69c94f76102e3d4b12638b1

  • SHA1

    48f8529281ec32bf8587a63edfa2f1f6accb9ed9

  • SHA256

    4b1eef4267c3e8cba2b61c5f3e4d852b9dc3909c8a386754595852d723cc05e9

  • SHA512

    b43d9a21cb424eb4a6f50a10e492eb8a00b677ba879ad255e92eca6dc2f69c77028cf7b60524c39521938980a5bc15d6972a659cb795af7224ef9b666e09f98f

  • SSDEEP

    6144:3MR46tGdyKQZbO5JCSZT0wwla4G13CmdxLzI9LTB5xnmT:c3NlbuJcfcXbz0Tfxo

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks