General

  • Target

    4f8f1a6f4826691df0dd100e7a41d7b2d7919b362384fbc64b62beff38e756c3N

  • Size

    2.6MB

  • Sample

    241109-af2xgssgqb

  • MD5

    8a28950b8d1dee04851e30275e081330

  • SHA1

    ab5a9fd41649819a2b829de06f6a6beb17c2a744

  • SHA256

    4f8f1a6f4826691df0dd100e7a41d7b2d7919b362384fbc64b62beff38e756c3

  • SHA512

    80ec5d71c0f690dc1939977bd5884b168cd6893a78e99553cd46d5dc323db817d5658d800cef9f96625133eed8d1c8f8dc06daaef4ab2d34ee4ce36d5f0cc13e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bS:sxX7QnxrloE5dpUpyb

Malware Config

Targets

    • Target

      4f8f1a6f4826691df0dd100e7a41d7b2d7919b362384fbc64b62beff38e756c3N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks