General

  • Target

    4ba454ea22a61c96e0c9d33372987cb8823f4ec7cb572f353a0b20499f020931

  • Size

    2.6MB

  • Sample

    241109-1xq5essmaw

  • MD5

    26f331a85a656e582179fd45df0f6b07

  • SHA1

    edcec7111d17d7cb29dba0e9339b8253f506fc16

  • SHA256

    4ba454ea22a61c96e0c9d33372987cb8823f4ec7cb572f353a0b20499f020931

  • SHA512

    595128244631c311a524f69625c1f0d410b65c0a14da7633d93b554152e2e46d48d935ca43bdec76a9619a468a259c35c543613a4f12b818ae203d0033633918

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB1B/bSq:sxX7QnxrloE5dpUpObV
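
The four cryptographic digests above identify one specific file; a practitioner who receives a suspicious binary usually wants to confirm in one pass whether it is this sample before doing anything else. The helper below is an added example, not part of the report or of the sandbox vendor's tooling: it hashes a byte stream with all four algorithms in lockstep and returns which indicators match, so a partial match (for instance a mis-copied SHA256 next to a correct MD5) is visible instead of silently treated as "no match". The SSDEEP value is not checked because it needs the third-party `ssdeep` bindings; the sample bytes in the usage are constructed and do not match anything.

```python
import hashlib
from typing import Dict, Iterable, Set

# Indicators copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "26f331a85a656e582179fd45df0f6b07",
    "sha1": "edcec7111d17d7cb29dba0e9339b8253f506fc16",
    "sha256": "4ba454ea22a61c96e0c9d33372987cb8823f4ec7cb572f353a0b20499f020931",
    "sha512": "595128244631c311a524f69625c1f0d410b65c0a14da7633d93b554152e2e46d"
              "48d935ca43bdec76a9619a468a259c35c543613a4f12b818ae203d0033633918",
}

CHUNK = 1 << 20  # 1 MiB reads keep memory flat for large samples


def digest_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed every chunk to all four hash objects; one pass over the data."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for an in-memory blob."""
    view = memoryview(data)
    return digest_chunks(view[off:off + CHUNK] for off in range(0, max(len(view), 1), CHUNK))


def digest_file(path: str) -> Dict[str, str]:
    """Stream a file from disk without loading it whole."""
    with open(path, "rb") as fh:
        return digest_chunks(iter(lambda: fh.read(CHUNK), b""))


def matches(digests: Dict[str, str], indicators: Dict[str, str] = REPORT_HASHES) -> Set[str]:
    """Names of the algorithms whose digest equals the indicator (case-insensitive).

    An empty set means "not this sample"; a proper subset of the indicator
    names means the indicator set itself is inconsistent and should be checked.
    """
    return {name for name, want in indicators.items()
            if digests.get(name, "").lower() == want.lower()}


if __name__ == "__main__":
    # Constructed stand-in for a candidate file (a bare MZ header); it is not the sample.
    candidate = b"MZ" + b"\x00" * 62
    d = digest_bytes(candidate)
    print("matches against report:", matches(d) or "none")
```

Usage against a real file is `matches(digest_file("suspect.bin"))`; anything other than the full set `{"md5", "sha1", "sha256", "sha512"}` or the empty set deserves a second look at where the indicators came from.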

Malware Config

Targets


    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Adds Run key to start application
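
The five behaviours listed above are what the sandbox observed at runtime. The block below is an added example, not code from the report or from the sandbox vendor, showing how the same behaviours can be recognised in Sysmon-style endpoint telemetry: a file written by one process and then executed or loaded by another, a drop into the Startup folder, a value set under a Run key, and a read of a browser credential store. The events, paths and SID are constructed for illustration, the audit event ID 4663 stands in for a Windows object-access record (Sysmon does not log file reads), and the ATT&CK mapping at the end is my assumption rather than the report's own MITRE section.

```python
import re
from typing import Dict, List

# Constructed Sysmon-style events; NOT taken from the report.
# id 11 = FileCreate, 1 = ProcessCreate, 7 = ImageLoad, 13 = RegistryValueSet,
# 4663 = Windows object-access audit (assumed to be enabled on the host).
DROPPER = r"C:\Users\victim\Downloads\setup.exe"
PAYLOAD = r"C:\Users\victim\AppData\Local\Temp\svch0st.exe"
HELPER = r"C:\Users\victim\AppData\Local\Temp\helper.dll"
STARTUP = r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\upd.lnk"
RUN_VALUE = (r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
             r"\Software\Microsoft\Windows\CurrentVersion\Run\Updater")
LOGIN_DATA = r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"

SAMPLE_EVENTS: List[Dict] = [
    {"id": 11, "image": DROPPER, "target": PAYLOAD},
    {"id": 11, "image": DROPPER, "target": HELPER},
    {"id": 11, "image": DROPPER, "target": STARTUP},
    {"id": 1, "image": PAYLOAD, "parent": DROPPER},
    {"id": 7, "image": PAYLOAD, "loaded": HELPER},
    {"id": 13, "image": PAYLOAD, "target": RUN_VALUE, "details": PAYLOAD},
    {"id": 4663, "image": PAYLOAD, "target": LOGIN_DATA},
    # Benign control: a normal process start that must not trigger anything.
    {"id": 1, "image": r"C:\Windows\System32\notepad.exe", "parent": r"C:\Windows\explorer.exe"},
]

STARTUP_DIR = re.compile(r"\\start menu\\programs\\startup\\", re.I)
RUN_KEY = re.compile(r"\\currentversion\\run(once)?\\[^\\]+$", re.I)
# Chromium (Login Data, Cookies, Web Data) and Firefox (logins.json, key4.db,
# cookies.sqlite) credential and cookie stores.
BROWSER_FILE = re.compile(
    r"\\(login data|cookies|web data|logins\.json|key4\.db|cookies\.sqlite)$", re.I)


def classify(events: List[Dict]) -> Dict[str, List[str]]:
    """Return {signature name: [evidence, ...]} for the signatures that fired."""
    # Everything any process wrote; built first so event order does not matter.
    dropped = {e["target"].lower() for e in events if e["id"] == 11}
    hits: Dict[str, List[str]] = {}

    def hit(name: str, evidence: str) -> None:
        hits.setdefault(name, []).append(evidence)

    for e in events:
        if e["id"] == 11 and STARTUP_DIR.search(e["target"]):
            hit("Drops startup file", e["target"])
        elif e["id"] == 1 and e["image"].lower() in dropped:
            hit("Executes dropped EXE", e["image"])
        elif e["id"] == 7 and e["loaded"].lower() in dropped:
            hit("Loads dropped DLL", e["loaded"])
        elif e["id"] == 13 and RUN_KEY.search(e["target"]):
            hit("Adds Run key to start application", f'{e["target"]} = {e["details"]}')
        elif e["id"] == 4663 and BROWSER_FILE.search(e["target"]):
            hit("Reads user/profile data of web browsers", e["target"])
    return hits


# Assumed ATT&CK mapping (my reading, not the report's MITRE section).
ATTACK = {
    "Drops startup file": "T1547.001",
    "Adds Run key to start application": "T1547.001",
    "Reads user/profile data of web browsers": "T1555.003",
}


def attack_ids(hits: Dict[str, List[str]]) -> List[str]:
    """Distinct technique IDs for the signatures that fired."""
    return sorted({ATTACK[name] for name in hits if name in ATTACK})


if __name__ == "__main__":
    result = classify(SAMPLE_EVENTS)
    for name, evidence in result.items():
        print(f"{name}: {evidence}")
    print("ATT&CK:", attack_ids(result))
```

The key design point is the `dropped` set: "executes dropped EXE" and "loads dropped DLL" are only meaningful relative to files the monitored process tree created, so the file-create events are indexed before any process-create or image-load event is judged.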

MITRE ATT&CK Enterprise v15

Tasks