General

  • Target

    d1590da9b3f2852b39344e985195acfbde200b211a94e986e04481a118c36ab5

  • Size

    66KB

  • Sample

    241108-n7xczasapg

  • MD5

    9a5274b3ebfd06f33c24454ebcd2a1d0

  • SHA1

    9d2cc705892c9c998ad8f8a0c2d0ced49d54c630

  • SHA256

    d1590da9b3f2852b39344e985195acfbde200b211a94e986e04481a118c36ab5

  • SHA512

    9c14ec9c752a0b38112dd9f9bc573bb49abe014701824062c41f78dfa433d1345f0aab08bd5c3494017de10389450d6f5ee58e597e671c9ecdd0d1e95df9d16d

  • SSDEEP

    1536:Pgu/k/aYzMXqtGNttyUn01Q78a4RE/MF0Vz5gpEaDoc:PguM/aY46tGNttyJQ7KRE/W0VzBaDP

Malware Config

Targets

    • Target

      d1590da9b3f2852b39344e985195acfbde200b211a94e986e04481a118c36ab5

    • Size

      66KB

    • MD5

      9a5274b3ebfd06f33c24454ebcd2a1d0

    • SHA1

      9d2cc705892c9c998ad8f8a0c2d0ced49d54c630

    • SHA256

      d1590da9b3f2852b39344e985195acfbde200b211a94e986e04481a118c36ab5

    • SHA512

      9c14ec9c752a0b38112dd9f9bc573bb49abe014701824062c41f78dfa433d1345f0aab08bd5c3494017de10389450d6f5ee58e597e671c9ecdd0d1e95df9d16d

    • SSDEEP

      1536:Pgu/k/aYzMXqtGNttyUn01Q78a4RE/MF0Vz5gpEaDoc:PguM/aY46tGNttyJQ7KRE/W0VzBaDP

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks