General

  • Target

    a8f5c3990c3bb862cdc143042dc48c8a159d6fd324cf94f070a8737d1daab3e4N

  • Size

    2.6MB

  • Sample

    241108-z24qmszfjj

  • MD5

    2a668a1dcac4575e03cd25fd30423a80

  • SHA1

    8f9db9f0b2054e37f12cd8b5c0afd4966f8eb468

  • SHA256

    a8f5c3990c3bb862cdc143042dc48c8a159d6fd324cf94f070a8737d1daab3e4

  • SHA512

    d098212bb7e4a6158be56cc81dd960544c6d1e9310c2fcb02e4daafa666748e3750f514357f846a50af573d96b0f86691134c20743c01d24cf06e9583eb61335

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBnB/bS:sxX7QnxrloE5dpUpQb

Malware Config

Targets

    • Target

      a8f5c3990c3bb862cdc143042dc48c8a159d6fd324cf94f070a8737d1daab3e4N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks