General

  • Target

    2b57a6b36f0f6f1e714640973ba54d138d63007c0e4b7815337070d2d17c898eN

  • Size

    2.6MB

  • Sample

    241109-ad7d7askcx

  • MD5

    c21ee1eebb8a3a74eebfe5f4f5a6e590

  • SHA1

    7589d40f762bdc6857fc5b9830a5e803c9329173

  • SHA256

    2b57a6b36f0f6f1e714640973ba54d138d63007c0e4b7815337070d2d17c898e

  • SHA512

    89377f2e304218854729ce9bba13fab4a892fd6b18f65c5b13d5c8abcfe449058bf320056ba3bc773b2da562331b0a40bbef54a5f58b02741868cdb295c3afc0

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bS:sxX7QnxrloE5dpUpmb

Malware Config

Targets

    • Target

      2b57a6b36f0f6f1e714640973ba54d138d63007c0e4b7815337070d2d17c898eN

    • Size

      2.6MB

    • MD5

      c21ee1eebb8a3a74eebfe5f4f5a6e590

    • SHA1

      7589d40f762bdc6857fc5b9830a5e803c9329173

    • SHA256

      2b57a6b36f0f6f1e714640973ba54d138d63007c0e4b7815337070d2d17c898e

    • SHA512

      89377f2e304218854729ce9bba13fab4a892fd6b18f65c5b13d5c8abcfe449058bf320056ba3bc773b2da562331b0a40bbef54a5f58b02741868cdb295c3afc0

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bS:sxX7QnxrloE5dpUpmb

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks