General

  • Target

    741b5edf02dd674483ec4dd30fe3e3b826f190eb8cb5ca8c2a0962fcaa449468

  • Size

    1.1MB

  • Sample

    241108-n9x3aa1mey

  • MD5

    b579fc294ca2f07c791c03046783157b

  • SHA1

    fa6ea3252be6882d16a2d3e529615e5f79b2af8a

  • SHA256

    741b5edf02dd674483ec4dd30fe3e3b826f190eb8cb5ca8c2a0962fcaa449468

  • SHA512

    24656851d15cad55081194a0544aa5a6cf5e8bd1a334b7c8e38254c6cec2f5800c5f2d91980a8bb00035354bc73ead11f482ae135fab1a20b34cbce450bd23d4

  • SSDEEP

    24576:63MXf9AiKGpEoQpkN2C4McuKo0GTNJpyT5RGeQa0s:6K+GtCi27mVHyT+a0s

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15
