General

  • Target

    32bd212358faf07219b8aee96bf42a78.bin

  • Size

    1.4MB

  • Sample

    241108-blejta1lf1

  • MD5

    5d06a50290cca89634f4a7cb4d96da65

  • SHA1

    83a06a6291800b87d5d543527a25dbb3ff14007c

  • SHA256

    72bdb25db9e5dd6efe386faff092c7694bab4e65eeecd16b8669366ae5626dfe

  • SHA512

    b80a5778548b3beeb473bf951f031ce7b22b275cd4f741dbf392f2a67c054fdf802670f643b55fc94de43d2f5f7f8170d16e99bd633d4f959d2e9c8a68873172

  • SSDEEP

    24576:ioahmq2PkR1IChzJ8YBfUadCNGbbr++9c+iFaYCrnbTZGhk92maAGHxvoWT9dD:iaqukIC1OYC5GbbrEFaYCrnHWk03AG2a

Targets

    • Target

      582cd56afe40a1e49d91486e40c4d5a27d1a890f451e5ba5d0d948511cde3987.exe

    • Size

      2.4MB

    • MD5

      32bd212358faf07219b8aee96bf42a78

    • SHA1

      c3bea0bcc2b04cda2bb1551a2f61fbd695ae538f

    • SHA256

      582cd56afe40a1e49d91486e40c4d5a27d1a890f451e5ba5d0d948511cde3987

    • SHA512

      68b8f7578b2a8762ff165cea2e0158e0e884708c0cfe49cb6320d62572f03e0a91b0dd2bfd6162982ddb6544a3511cf05f6fd60b49eed4b8d1546403d9f632f1

    • SSDEEP

      49152:e/GWFE7w5U4Cm/oKoGSMc67BkMqcB1rkCPRjTe+L4/okMUzzUnEt:usZezSi2CPZ4/L

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Accesses Microsoft Outlook profiles
