General

  • Target

    82e715942a3f08535b8c37c56da0b7f9f78d3d582f6d00d1bea93174609ef1a5N

  • Size

    2.6MB

  • Sample

    241108-pkby7ascqe

  • MD5

    6bb5890855484aa5c398f0f8625cd5e0

  • SHA1

    b319933107d13c293fe93ebd287d73d87c5c0f26

  • SHA256

    82e715942a3f08535b8c37c56da0b7f9f78d3d582f6d00d1bea93174609ef1a5

  • SHA512

    3d3be118d611863225e7f6ef424c24fbd8b43b4f716fb5d28b24597c537a3bea4f8f606750d3d7d53789646c6485b4e9e65a791eb5d6c566f9d1561d270c3c9f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bSq:sxX7QnxrloE5dpUpBbV

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks