General

  • Target

    9aa5486c906b0767441dcaa8885e616af6ec8833d013cca6acc4d3741016e3e7

  • Size

    398KB

  • Sample

    241108-n9xrhs1mev

  • MD5

    6b081f5df4a631be4d0e48851d9dadc6

  • SHA1

    fae6b7b7e1251625a129a2f44a1fe76df92e1d06

  • SHA256

    9aa5486c906b0767441dcaa8885e616af6ec8833d013cca6acc4d3741016e3e7

  • SHA512

    389b17ca9ffb3fed5cc9ff34f7b2ba7b149844067167a4c1b4b427fec3ffbd7ec2544eb1df59b44492b11a6c2f5075832cf16d1a16416bcc9dd8d310f0ec665a

  • SSDEEP

    6144:aF46tGfC0j/nDXYQ/BWJjmpgtBZQZKQj8p3jyb7HREd4SZ1tzLbF:aF3WFj/DXYJmSTZwYp32bY4qtDF

Malware Config

Targets

    • Target

      9aa5486c906b0767441dcaa8885e616af6ec8833d013cca6acc4d3741016e3e7

    • Size

      398KB

    • MD5

      6b081f5df4a631be4d0e48851d9dadc6

    • SHA1

      fae6b7b7e1251625a129a2f44a1fe76df92e1d06

    • SHA256

      9aa5486c906b0767441dcaa8885e616af6ec8833d013cca6acc4d3741016e3e7

    • SHA512

      389b17ca9ffb3fed5cc9ff34f7b2ba7b149844067167a4c1b4b427fec3ffbd7ec2544eb1df59b44492b11a6c2f5075832cf16d1a16416bcc9dd8d310f0ec665a

    • SSDEEP

      6144:aF46tGfC0j/nDXYQ/BWJjmpgtBZQZKQj8p3jyb7HREd4SZ1tzLbF:aF3WFj/DXYJmSTZwYp32bY4qtDF

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
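The two annotated behaviours above (reading browser profile data and enumerating drives other than C:) can be reconstructed from a sandbox's file-access trace. The following Python is an added illustration, not the sandbox's own signature logic: it applies a simple heuristic to a constructed list of file events (the paths, process ID and operation names are invented for the example) and reports whether each behaviour was observed. The browser profile directories and credential-bearing file names are an assumed, non-exhaustive list.

```python
"""Heuristic re-implementation of two sandbox signatures over file-access events (added example)."""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List

# Browser profile directories whose contents infostealers typically read (assumed list).
BROWSER_PROFILE_DIRS = [
    re.compile(r"\\Google\\Chrome\\User Data\\", re.I),
    re.compile(r"\\Microsoft\\Edge\\User Data\\", re.I),
    re.compile(r"\\BraveSoftware\\Brave-Browser\\User Data\\", re.I),
    re.compile(r"\\Mozilla\\Firefox\\Profiles\\", re.I),
]
# Files inside those directories that hold credentials, cookies or autofill data (assumed list).
BROWSER_DATA_FILES = {
    "login data", "cookies", "web data", "local state",   # Chromium family
    "logins.json", "key4.db", "cookies.sqlite",           # Firefox
}
READ_OPS = {"createfile", "readfile", "open", "read"}
ENUM_OPS = {"querydirectory", "createfile", "open"}
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\$")   # matches exactly "X:\"


@dataclass(frozen=True)
class FileEvent:
    pid: int
    op: str     # operation name as a hypothetical trace would record it
    path: str   # absolute Windows path touched by the operation


def is_browser_profile_read(ev: FileEvent) -> bool:
    """True when a read-type operation touches a credential/cookie file in a browser profile."""
    if ev.op.lower() not in READ_OPS:
        return False
    if not any(p.search(ev.path) for p in BROWSER_PROFILE_DIRS):
        return False
    filename = ev.path.rsplit("\\", 1)[-1].lower()
    return filename in BROWSER_DATA_FILES


def non_c_drive_roots(events: Iterable[FileEvent]) -> List[str]:
    """Drive letters whose root path was opened or listed, excluding the default C: drive."""
    drives = set()
    for ev in events:
        m = DRIVE_ROOT.match(ev.path.strip())
        if m and ev.op.lower() in ENUM_OPS and m.group(1).upper() != "C":
            drives.add(m.group(1).upper())
    return sorted(drives)


def evaluate(events: Iterable[FileEvent]) -> Dict[str, object]:
    """Apply both heuristics and return a signature-style verdict with supporting evidence."""
    events = list(events)
    browser_hits = [ev.path for ev in events if is_browser_profile_read(ev)]
    drives = non_c_drive_roots(events)
    return {
        "reads_browser_profile_data": bool(browser_hits),
        "browser_files": browser_hits,
        "enumerates_connected_drives": bool(drives),
        "drives": drives,
    }


# Constructed trace for the example; it is not taken from the report above.
SAMPLE_EVENTS = [
    FileEvent(4120, "CreateFile", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    FileEvent(4120, "ReadFile", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    FileEvent(4120, "CreateFile", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\ab12cd34.default-release\logins.json"),
    FileEvent(4120, "CreateFile", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0"),  # cache, not credentials
    FileEvent(4120, "QueryDirectory", "C:\\"),
    FileEvent(4120, "QueryDirectory", "D:\\"),
    FileEvent(4120, "QueryDirectory", "E:\\"),
    FileEvent(4120, "CreateFile", r"C:\Windows\System32\drivers\etc\hosts"),
]

if __name__ == "__main__":
    print(evaluate(SAMPLE_EVENTS))
```

Run against the constructed trace, the Chrome cache file is correctly ignored (it sits under a profile directory but is not a credential store), and only D: and E: count as enumerated drives because the default C: root is excluded, matching the wording of the signature description.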

MITRE ATT&CK Enterprise v15

Tasks