General

  • Target

    ca1163620b838ce541657f92e2ec1ed1d3e14f57698f5f00f8e7496e0777c06eN

  • Size

    2.6MB

  • Sample

    241109-a9tszatenm

  • MD5

    c12d929c0a6d8d94a4267a78e0b00f70

  • SHA1

    a80ab6cb6cf2a7301e7e20f95b6f651df54ef479

  • SHA256

    ca1163620b838ce541657f92e2ec1ed1d3e14f57698f5f00f8e7496e0777c06e

  • SHA512

    cc36f27348268967b8822cf1b23d9b4aec6f9bab042c505535db68a54e95d45745bd2f5668652216223333844c68c955c812f8619708983b544a31ef7fa55c15

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBMB/bSq:sxX7QnxrloE5dpUpbbV

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks