General

  • Target

    b0968abd2162f9d0292e4f7b603191f1285d368811d41111f72b5dd0d1cf1819N

  • Size

    2.6MB

  • Sample

    241108-qljwvsvrfl

  • MD5

    eb0b3ea8f23af1bafa96769bd9a21a60

  • SHA1

    9e671d8117b4f5c5ffad9536b4ca601dff1f3b70

  • SHA256

    b0968abd2162f9d0292e4f7b603191f1285d368811d41111f72b5dd0d1cf1819

  • SHA512

    99eedcf0a8ccc292c62856afc68e6969d5cfb6eccba2670a46fc4c818db51dec75d08d9a7998655d266ed72b4cac49b7a5697270ba6c003a49b8beb3ada94b59

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB/B/bSq:sxX7QnxrloE5dpUpAbV
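
Checking a file on disk against the hashes above is the first thing an analyst does with a report like this. The following is an added example, not part of the sandbox output; the hash values are copied from the report, while the file path and the test payload are constructed. It computes all four digests in one pass, validates that the published record is internally consistent (hex length, and the target name being the SHA-256 plus the "N" suffix seen on this page) so that a copy/paste error does not end up in a blocklist, and reports whether a match is a genuine hit or a transcription problem. SSDEEP is left out because it needs a third-party library.

```python
"""Verify a file against the hashes published in this sandbox report.

Added example, not part of the report. REPORT is copied from the page;
the file paths and the payload in demo() are constructed.
"""
import hashlib
import os
import tempfile

# Indicators copied from the report above.
REPORT = {
    "target": "b0968abd2162f9d0292e4f7b603191f1285d368811d41111f72b5dd0d1cf1819N",
    "md5": "eb0b3ea8f23af1bafa96769bd9a21a60",
    "sha1": "9e671d8117b4f5c5ffad9536b4ca601dff1f3b70",
    "sha256": "b0968abd2162f9d0292e4f7b603191f1285d368811d41111f72b5dd0d1cf1819",
    "sha512": "99eedcf0a8ccc292c62856afc68e6969d5cfb6eccba2670a46fc4c818db51dec"
              "75d08d9a7998655d266ed72b4cac49b7a5697270ba6c003a49b8beb3ada94b59",
}

# Expected hex-digest lengths per algorithm.
HEX_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def check_report_consistency(report):
    """Return a list of problems with the record (empty when it is consistent).

    Catches truncated or mis-copied digests before they are loaded anywhere.
    """
    problems = []
    for name, length in HEX_LENGTHS.items():
        value = report.get(name, "")
        if len(value) != length or any(c not in "0123456789abcdef" for c in value):
            problems.append(f"{name}: expected {length} lowercase hex characters")
    # On this page the target name is the SHA-256 followed by "N".
    if report.get("target") != report.get("sha256", "") + "N":
        problems.append("target name does not match sha256")
    return problems


def digest_bytes(data):
    """Digest an in-memory buffer with every algorithm in HEX_LENGTHS."""
    return {name: hashlib.new(name, data).hexdigest() for name in HEX_LENGTHS}


def digest_file(path, chunk_size=1 << 20):
    """Digest a file in one pass so a large sample is read from disk once."""
    hashers = {name: hashlib.new(name) for name in HEX_LENGTHS}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(digests, report):
    """Per-algorithm agreement between computed digests and the report."""
    return {name: digests[name] == report[name] for name in HEX_LENGTHS}


def verdict(digests, report):
    """Classify a comparison.

    A SHA-256 match with any other digest disagreeing means the report is
    mis-transcribed, not that the file differs: treat it as a hit and fix
    the record.
    """
    matches = match_report(digests, report)
    if all(matches.values()):
        return "known sample"
    if matches["sha256"]:
        return "sha256 match, report inconsistent"
    return "unknown"


def demo():
    """Write a constructed payload to a temp file and confirm that the
    chunked file digest equals the in-memory digest. Returns True on success."""
    data = b"constructed test payload, not the sample\n" * 1000
    with tempfile.NamedTemporaryFile(delete=False) as f:
        f.write(data)
        path = f.name
    try:
        return digest_file(path, chunk_size=4096) == digest_bytes(data)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print("report problems:", check_report_consistency(REPORT))
    print("self-test:", demo())
```

Usage: `verdict(digest_file("suspect.exe"), REPORT)` (path assumed) gives one of the three strings above; run `check_report_consistency` on any record you ingest from a report before trusting it.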

Malware Config

Targets

    • Target

      b0968abd2162f9d0292e4f7b603191f1285d368811d41111f72b5dd0d1cf1819N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, session tokens and autofill data.

    • Adds Run key to start application
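
The five signatures above are the kind of behaviour that can be re-derived from endpoint telemetry outside the sandbox. The following is an added example, not part of the report and not the sandbox vendor's detection code: it correlates process, file, image-load and registry events from the sample's process tree and emits the report's signature names. The event schema (a simplified, Sysmon-like `type`/`pid`/`target` shape) and the sample events are constructed; the path patterns for the Startup folder, the Run/RunOnce keys and Chromium-style profile databases are the author's assumptions about what to match.

```python
"""Re-derive the report's behavioural signatures from endpoint telemetry.

Added example, not part of the sandbox report. The event schema and the
events in SAMPLE_EVENTS are constructed; path patterns are assumptions.
"""
import json
import re

# Case-insensitive because NTFS paths and registry keys are.
STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\", re.I)
RUN_KEY = re.compile(r"\\currentversion\\run(once)?\\", re.I)
BROWSER_DB = re.compile(r"\\(login data|cookies|web data|history)$", re.I)


def analyze(events, root_pid):
    """Correlate events belonging to the sample's process tree.

    events:   iterable of dicts with a "type" of process_create, file_create,
              image_load, registry_set or file_open (constructed schema).
    root_pid: pid of the submitted sample.
    Returns {signature name as in the report: [evidence, ...]}.
    """
    tree = {root_pid}   # pids that belong to the sample
    dropped = set()     # lower-cased paths written by the tree
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for ev in events:
        pid, kind = ev["pid"], ev["type"]
        # Grow the tree first so a child's later events are attributed to it.
        if kind == "process_create" and ev["ppid"] in tree:
            tree.add(pid)
            if ev["image"].lower() in dropped:
                hit("Executes dropped EXE", ev["image"])
        if pid not in tree:
            continue    # unrelated process (e.g. the real browser reading its own DB)
        if kind == "file_create":
            dropped.add(ev["target"].lower())
            if STARTUP_DIR.search(ev["target"]):
                hit("Drops startup file", ev["target"])
        elif kind == "image_load":
            image = ev["image"].lower()
            if image in dropped and image.endswith(".dll"):
                hit("Loads dropped DLL", ev["image"])
        elif kind == "registry_set":
            if RUN_KEY.search(ev["target"]):
                hit("Adds Run key to start application", f'{ev["target"]} = {ev["details"]}')
        elif kind == "file_open":
            if BROWSER_DB.search(ev["target"]):
                hit("Reads user/profile data of web browsers", ev["target"])
    return hits


# Constructed telemetry (JSON lines). pid 100 is the sample; pid 300 is an
# unrelated process that legitimately opens a browser database.
SAMPLE_EVENTS = [json.loads(line) for line in r'''
{"type": "process_create", "pid": 100, "ppid": 1, "image": "C:\\Users\\lab\\Desktop\\sample.exe"}
{"type": "file_create", "pid": 100, "target": "C:\\Users\\lab\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\svchelper.exe"}
{"type": "file_create", "pid": 100, "target": "C:\\Users\\lab\\AppData\\Local\\Temp\\helper.dll"}
{"type": "image_load", "pid": 100, "image": "C:\\Windows\\System32\\kernel32.dll"}
{"type": "process_create", "pid": 200, "ppid": 100, "image": "C:\\Users\\lab\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\svchelper.exe"}
{"type": "image_load", "pid": 200, "image": "C:\\Users\\lab\\AppData\\Local\\Temp\\helper.dll"}
{"type": "registry_set", "pid": 200, "target": "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svchelper", "details": "C:\\Users\\lab\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\svchelper.exe"}
{"type": "file_open", "pid": 200, "target": "C:\\Users\\lab\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
{"type": "file_open", "pid": 300, "target": "C:\\Users\\lab\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"}
'''.strip().splitlines()]


def demo():
    """Run the correlation over the constructed telemetry for the sample (pid 100)."""
    return analyze(SAMPLE_EVENTS, 100)


if __name__ == "__main__":
    for name, evidence in demo().items():
        print(name)
        for e in evidence:
            print("   ", e)
```

The "dropped" bookkeeping is what separates "Executes dropped EXE" and "Loads dropped DLL" from ordinary process starts and library loads: only files the sample's own tree wrote count, and only processes in that tree are inspected, so the real browser opening its own Login Data does not trip the infostealer rule. Both the Startup-folder drop and the Run key are persistence (MITRE ATT&CK T1547.001); the browser-database read corresponds to T1555.003.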

MITRE ATT&CK Enterprise v15

Tasks