General

  • Target

    d6bc4e3293a2df60738f10f35af42dd8e0b5ec7faf65ff8b602082472d29ae00

  • Size

    2.6MB

  • Sample

    241108-zgynwssjdq

  • MD5

    5b098388391b3ee45cae35a5c8944c4a

  • SHA1

    0152b63d727fc996ebdcfe2a64122ad9d0d5cc68

  • SHA256

    d6bc4e3293a2df60738f10f35af42dd8e0b5ec7faf65ff8b602082472d29ae00

  • SHA512

    b4d0f64c91966dfe3747ecac605e7dbb5cf7b4aebd1e32c8095ce7307e2b41a9ad488eb4fb25bd8203e9075646c014079a3e793d0d2ab6366fa6d4117124fb4c

  • SSDEEP

    24576:9A8vyrepIND/0bfSPdaYoi5YYR+h+8fEvdDrGnrdEROGHOhZLegMZt4zEyje0sMc:9A81IJPnmEvdDqnroHO/L2h0JnHO

Malware Config

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks