General

  • Target

    b272e0390625308179366dd664adbd2cc42c363e999b87cf11122f42f089de03N

  • Size

    2.6MB

  • Sample

    241108-p62rqssjbs

  • MD5

    23e5741a9817b7a6135e8fe7c1cf6110

  • SHA1

    a3e03c16f065cd045e2ee5b7e27b046aa2c75ed4

  • SHA256

    b272e0390625308179366dd664adbd2cc42c363e999b87cf11122f42f089de03

  • SHA512

    c7085468fad9ddbe62b5aad2b316813bf6bab358041dbcd7ed05542d5d7477825a28bc6fdac6eb90b02b7833d205126bf147bed93272a3ee77b8e2cee44462c0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB0B/bS:sxX7QnxrloE5dpUpjb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Adds Run key to start application
