General

  • Target: 43a9d1c6686ce822d483a2980264ca16fcfc827091675dafd04227ee8e76b2e6

  • Size: 57KB

  • Sample: 241108-n9xfrasbqp

  • MD5: 5a094b5a688d0e699da910b32f5f3a57

  • SHA1: 6c9ebaad8cc5d4f8178ea908439e75f61525a37c

  • SHA256: 43a9d1c6686ce822d483a2980264ca16fcfc827091675dafd04227ee8e76b2e6

  • SHA512: 2f4909d397b7de42e5bfd3ee7cb2534cc80ab815e017872d429c7401e920d95bab06fb54d2d2771eaf152852e02397b35ce9ce2af58fcc76be5f5df4e4848b62

  • SSDEEP: 1536:J4zaYzMXqtGN/CstC9qVFk6jWWvr78Pxc:J4zaY46tGNFC0VFkeWWvrQxc

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
