General

  • Target

    50cf27704aaf2f87d1d5d2640b475bdc6ee4d72628e97161c563ff8987011dc7N

  • Size

    2.6MB

  • Sample

    241108-r6zy9atkdw

  • MD5

    a090dc0f5b9a2dc6498e66d6336da710

  • SHA1

    ca5f8b4ba7aba68609734727e7c9ebac0bf6a407

  • SHA256

    50cf27704aaf2f87d1d5d2640b475bdc6ee4d72628e97161c563ff8987011dc7

  • SHA512

    ea713af642c65d011ad5b2c9c8fd325f7027c4598914589f6033ce0659d2e8a86798eb15a7eee591e5e0d2bd01c98dad3b9ebec296aa6743741795f5415a1243

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBFB/bS:sxX7QnxrloE5dpUpWb

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read the stored browser data under a user's profile, which can include saved credentials, session cookies and autofill data.

    • Adds Run key to start application
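
The five behaviour signatures above describe a chain (drop files, register persistence, run the dropped binary, load the dropped DLL, read browser profile data) rather than a single event. The script below, an added example that is not the sandbox's own detection logic, matches those signatures against a process trace. The trace, the field names (op, image, parent, path, key, value) and the path patterns are constructed for illustration and are not taken from the analysed sample; the regular expressions cover only a short list of common Chromium and Firefox credential and cookie stores.

```python
"""Match the report's behaviour signatures against a process trace.

Added example for this page; not the sandbox's own detection logic.
The trace below is constructed in the style of a sandbox behaviour log
and is not derived from the analysed sample.
"""
import re

# Path patterns for the behaviours named in the report (case-insensitive).
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.I)
# Short, illustrative list of browser credential/cookie stores (assumption).
BROWSER_DATA = re.compile(
    r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db|cookies\.sqlite)$", re.I
)

SAMPLE = r"C:\Users\victim\Desktop\sample.exe"        # constructed
APPDATA = r"C:\Users\victim\AppData\Roaming"           # constructed

# Constructed trace: each record is one observed operation by one process.
TRACE = [
    {"op": "process", "image": SAMPLE, "parent": r"C:\Windows\explorer.exe"},
    {"op": "file_write", "image": SAMPLE, "path": APPDATA + r"\updater.exe"},
    {"op": "file_write", "image": SAMPLE, "path": APPDATA + r"\helper.dll"},
    {"op": "file_write", "image": SAMPLE,
     "path": APPDATA + r"\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk"},
    {"op": "reg_set", "image": SAMPLE,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "value": APPDATA + r"\updater.exe"},
    {"op": "process", "image": APPDATA + r"\updater.exe", "parent": SAMPLE},
    {"op": "image_load", "image": APPDATA + r"\updater.exe", "path": APPDATA + r"\helper.dll"},
    {"op": "file_read", "image": APPDATA + r"\updater.exe",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # Benign noise from an unrelated process; must not trigger anything.
    {"op": "image_load", "image": r"C:\Windows\explorer.exe",
     "path": r"C:\Windows\System32\shell32.dll"},
    {"op": "file_read", "image": r"C:\Windows\explorer.exe",
     "path": r"C:\Users\victim\Desktop\notes.txt"},
]


def detect(trace, sample_image):
    """Return {signature: [evidence, ...]} for the report's five behaviours.

    Only activity by the sample and the processes it spawned counts, and
    "dropped" means written earlier in the trace by one of those processes.
    """
    tracked = {sample_image.lower()}   # sample plus its descendants
    dropped = set()                     # files written by tracked processes
    hits = {}

    def hit(name, evidence):
        hits.setdefault(name, []).append(evidence)

    for ev in trace:
        image = ev["image"].lower()
        if ev["op"] == "process" and ev["parent"].lower() in tracked:
            tracked.add(image)          # child of a tracked process
            if image in dropped:
                hit("Executes dropped EXE", ev["image"])
            continue
        if image not in tracked:
            continue                    # unrelated process: ignore
        path = ev.get("path", "")
        if ev["op"] == "file_write":
            dropped.add(path.lower())
            if STARTUP_DIR.search(path):
                hit("Drops startup file", path)
        elif ev["op"] == "image_load" and path.lower() in dropped:
            hit("Loads dropped DLL", path)
        elif ev["op"] == "file_read" and BROWSER_DATA.search(path):
            hit("Reads user/profile data of web browsers", path)
        elif ev["op"] == "reg_set" and RUN_KEY.search(ev["key"]):
            hit("Adds Run key to start application", f'{ev["key"]} = {ev["value"]}')
    return hits


if __name__ == "__main__":
    for name, evidence in detect(TRACE, SAMPLE).items():
        print(f"[+] {name}")
        for item in evidence:
            print(f"    {item}")
```

The process tree is tracked by parent image so that the dropped binary's own activity (the DLL load and the browser profile read) is attributed to the sample; a detector that only looks at the original process would miss the last two signatures in the chain.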

MITRE ATT&CK Enterprise v15

Tasks