General

  • Target

    6ffb83f1661db9a68e8aac44990c2d9201ca8dae5fa7b48789f8548c3567c91cN

  • Size

    2.6MB

  • Sample

    241108-nzs1kssakm

  • MD5

    f9c89607da40553b343bac472aa73d00

  • SHA1

    666e805fbef5812be2938d313ba541ad16ee5a5b

  • SHA256

    6ffb83f1661db9a68e8aac44990c2d9201ca8dae5fa7b48789f8548c3567c91c

  • SHA512

    114e70d9b6a40bb53fbbbd9cb73439181873552705aa818085a606d5a377557623904a724af08b2ba9bded0b2bf01afa3b294cf443fa8006c393e5302294c3d7

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bS:sxX7QnxrloE5dpUpmb

Malware Config

Targets

    • Target

      6ffb83f1661db9a68e8aac44990c2d9201ca8dae5fa7b48789f8548c3567c91cN

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks