General

  • Target

    f9377daf1f2bb03d7da192ea689abe85c94b448ad2c978a21d01132b9bec960bN

  • Size

    2.6MB

  • Sample

    241108-tr655avhjq

  • MD5

    270da80fbc2375e55cc660f57e5dc630

  • SHA1

    3cd2b64f9c8917fe63371364daf7cce1a2918c2e

  • SHA256

    f9377daf1f2bb03d7da192ea689abe85c94b448ad2c978a21d01132b9bec960b

  • SHA512

    932c9132e9668c0983867af343cfdc0b3f1b84e9f91df8b2f20ef55ab2f1e9130564bfe60a879a8aa350d1c768bbd2e9c4f1234c49a3a033709d850f51e32eac

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBZB/bSq:sxX7QnxrloE5dpUpWbV

Targets

    • Target

      f9377daf1f2bb03d7da192ea689abe85c94b448ad2c978a21d01132b9bec960bN

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
