General

  • Target

    6af52aeb00bd367cb423d1176e3240be5f2fa065a5d5a3370baf852bba59ed23N

  • Size

    2.6MB

  • Sample

    241108-sbev9svanj

  • MD5

    660feb1886398baf42ac5e6c1d7fb930

  • SHA1

    edeb7f81eb514b3a68e9cc08037f2ddaa65d5a28

  • SHA256

    6af52aeb00bd367cb423d1176e3240be5f2fa065a5d5a3370baf852bba59ed23

  • SHA512

    0d4b79c99462c84731facf301a593836a29ab179eaa3dc3d0ab02e4830130ed8d5f26d091f9ab16f5a3109d8ba17bf71bfc72a0d2e65addf8c4056f058e32d24

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBrB/bS:sxX7QnxrloE5dpUpMb

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks