General

  • Target

    b2248f853ce95df07f1bcd30d77a6c29696b0758c51a5e272fdae1fbe5c94048

  • Size

    2.8MB

  • Sample

    241109-af9bkaskfv

  • MD5

    6ad23faf181c57af1ebef075a83b3471

  • SHA1

    7187fdc1863c6559b5e6ec600502936b2360da71

  • SHA256

    b2248f853ce95df07f1bcd30d77a6c29696b0758c51a5e272fdae1fbe5c94048

  • SHA512

    415ae76ecd2ddf4537cbe459dfb4dfa46d21a873fb34da68797ea045835eec5c31f080bd4d8fcad758de2aabc8bb6050078565274c5c6f9fcc44e3db9d6e17cf

  • SSDEEP

    49152:KieXnLjdaEnJUi4bmd5GPxChCuQT8Ux+/5el:MXnPdVd4G5eChvU

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks