General

  • Target

    c78b0c41024d36bf53919740f92f2ba426009d97863a54f73f721f27454a7299N

  • Size

    2.6MB

  • Sample

    241108-2nk3gstqdn

  • MD5

    fa99b3f3c6accb7de65c3bac44149590

  • SHA1

    da03a7623eaf2b009f3f7301675852384fdac01b

  • SHA256

    c78b0c41024d36bf53919740f92f2ba426009d97863a54f73f721f27454a7299

  • SHA512

    4ba7d1ae73e813e318d0f933a4c49650214dccce07a48b99be220919bcd9d868215d1a370ad769f2aa9941034a66e1a0522162f05c5d1beb1f5824b6f7c7d131

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBYB/bS:sxX7QnxrloE5dpUpvb

Targets

    • Target

      c78b0c41024d36bf53919740f92f2ba426009d97863a54f73f721f27454a7299N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
