General

  • Target

    349e705845254a4fc0e6f3765ca6734b193fb2704b832af54fde99871bedce1bN

  • Size

    2.6MB

  • Sample

    241108-zyq1daypgw

  • MD5

    ee85481477eccadc1325d8671625b250

  • SHA1

    992c6da1660bab70e58965339f4c2732cd544bf9

  • SHA256

    349e705845254a4fc0e6f3765ca6734b193fb2704b832af54fde99871bedce1b

  • SHA512

    e023b72b020ab7d95cc2bdbe1efb3692ac66da85dae5fa583857be5a393db2155f3e4c756347598d4c7501fe0655342fc9c6f0d8ad1399e132f97bab8be9f3dd

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bS:sxX7QnxrloE5dpUpmb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
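The five behaviour signatures above are the kind a sandbox derives from a process, file, registry and image-load trace. As an added example (not the sandbox's own rules or output), the following implements equivalent detection logic over a constructed, Sysmon-style event list: Run/RunOnce value writes, files created in the Startup folder, reads of known browser credential stores, and a correlation that flags an executable or DLL only when it was created earlier in the same trace. The event field names, paths and SID are this example's own assumptions.

```python
import re
from typing import Dict, List

# Constructed trace; field names ("type", "path", "image", "key", "data") are this
# example's own and do not correspond to a particular sandbox's schema.
EVENTS = [
    {"type": "FileCreate", "pid": 1000,
     "path": r"C:\Users\alice\AppData\Roaming\svc\updater.exe"},
    {"type": "FileCreate", "pid": 1000,
     "path": r"C:\Users\alice\AppData\Roaming\svc\helper.dll"},
    {"type": "FileCreate", "pid": 1000,
     "path": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk"},
    {"type": "ProcessCreate", "pid": 1001, "ppid": 1000,
     "image": r"C:\Users\alice\AppData\Roaming\svc\updater.exe"},
    {"type": "ImageLoad", "pid": 1001,
     "image": r"C:\Users\alice\AppData\Roaming\svc\helper.dll"},
    {"type": "RegistryValueSet", "pid": 1001,
     "key": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\svc",
     "data": r"C:\Users\alice\AppData\Roaming\svc\updater.exe"},
    {"type": "FileRead", "pid": 1001,
     "path": r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "FileRead", "pid": 1001,
     "path": r"C:\Users\alice\AppData\Roaming\Mozilla\Firefox\Profiles\k3x9.default\logins.json"},
    # Benign system DLL: loaded, but not dropped by the trace, so it must not fire.
    {"type": "ImageLoad", "pid": 1001, "image": r"C:\Windows\System32\kernel32.dll"},
]

# Autostart registry values under the per-user or per-machine CurrentVersion hive.
RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.I)
# Per-user Startup folder; anything created here runs at next logon.
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
# Chromium (Login Data, Web Data, Cookies) and Firefox (logins.json, key4.db, cookies.sqlite) stores.
BROWSER_DATA_RE = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$", re.I)


def classify(events: List[dict]) -> Dict[str, List[str]]:
    """Map each fired signature name to the artifacts that support it."""
    dropped = set()                      # lower-cased paths created during the trace
    hits: Dict[str, List[str]] = {}

    def add(signature: str, artifact: str) -> None:
        hits.setdefault(signature, []).append(artifact)

    for ev in events:
        kind = ev["type"]
        if kind == "FileCreate":
            dropped.add(ev["path"].lower())
            if STARTUP_DIR_RE.search(ev["path"]):
                add("Drops startup file", ev["path"])
        elif kind == "ProcessCreate":
            # Only an image that this trace itself wrote counts as a "dropped EXE".
            if ev["image"].lower() in dropped:
                add("Executes dropped EXE", ev["image"])
        elif kind == "ImageLoad":
            if ev["image"].lower() in dropped:
                add("Loads dropped DLL", ev["image"])
        elif kind == "RegistryValueSet":
            if RUN_KEY_RE.search(ev["key"]):
                add("Adds Run key to start application", f'{ev["key"]} = {ev["data"]}')
        elif kind == "FileRead":
            if BROWSER_DATA_RE.search(ev["path"]):
                add("Reads user/profile data of web browsers", ev["path"])
    return hits


if __name__ == "__main__":
    for signature, artifacts in classify(EVENTS).items():
        print(signature)
        for artifact in artifacts:
            print("   ", artifact)
```

The dropped-file correlation is what separates "Executes dropped EXE" from any process creation: without it, every child process the sample spawns (a legitimate system binary included) would fire the signature. The same set is reused for DLL loads, which is why kernel32.dll in the trace produces no hit.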

MITRE ATT&CK Enterprise v15