General

  • Target

    a9fcd8d7c19e719cc0653144ad8147c720d20e75f6b0e92bfd982fdd4ff9b04bN

  • Size

    2.6MB

  • Sample

    241108-r96wzatlay

  • MD5

    5fd1eaa5bafc7b3c881b91da1d0e0ae0

  • SHA1

    fc34e90d58f6e4d457fea938a790713b58e43ee2

  • SHA256

    a9fcd8d7c19e719cc0653144ad8147c720d20e75f6b0e92bfd982fdd4ff9b04b

  • SHA512

    87ca8039307e11b974a1c3fdb891defb14f7dd3096397813d80ae443c36a8dce4608d21db613ccf76371d183a1a099222eca2331fb2235d672bc1bfd16f36049

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBVB/bS:sxX7QnxrloE5dpUpKb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
