General

  • Target

    3a91603644eba915a2073c7f482c957112161f3bb53c67a26b6b953ad654d72cN

  • Size

    2.6MB

  • Sample

    241108-z7241azelh

  • MD5

    56bdd9ad27ef80babfe9ba609a072cf0

  • SHA1

    e9ef65dd14186bfc657298c6e328469f8786c218

  • SHA256

    3a91603644eba915a2073c7f482c957112161f3bb53c67a26b6b953ad654d72c

  • SHA512

    7aef975d882690eddd3eb5e041a1bfd134b575388a3fcbd5ea8855ff10f0acbafe52da365228e760068218f7db43d54cefecd02db11f8c13120ddc30995cc6f5

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bS:sxX7QnxrloE5dpUpFb

Targets

    • Target

      3a91603644eba915a2073c7f482c957112161f3bb53c67a26b6b953ad654d72cN

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
