General

  • Target

    38d87894693afd4c731606473e3956c8f41da0a33b11fdc4c04bc5e3cdf4c570

  • Size

    64KB

  • Sample

    241108-zgxrlasjdn

  • MD5

    06f8dc39aec65673993c8af59db8b89b

  • SHA1

    78b6aeac2d2161451073995e3bd549429329f4fb

  • SHA256

    38d87894693afd4c731606473e3956c8f41da0a33b11fdc4c04bc5e3cdf4c570

  • SHA512

    346f9ffce8303863fc6b0321d20e6799a44fac3f7120e749218ebf41874ba9f46d3b9c12aae49f1a8460922c321c9eec76331f4dddf7b3703ac4f9fe4475dd0a

  • SSDEEP

    1536:8Se+Zk7VJbwlYXjPrsqrZMYR5p8w7dT1F7PjTAWDPpQc:8Se+azbRPrlr9RXFRT0WLCc

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other sensitive data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks