General

  • Target

    224a817638a8f56293305c225fc125dc4695275b62ba2b14188efd4e105d1003

  • Size

    2.8MB

  • Sample

    241109-aq7kqawkdj

  • MD5

    d1df1f0686d7d9b2a231e15c6145b165

  • SHA1

    89e4a4e9c7c22a0a1dace7c20c588879bef52d5e

  • SHA256

    224a817638a8f56293305c225fc125dc4695275b62ba2b14188efd4e105d1003

  • SHA512

    31d2a2e2dc8af7e8f5cab7dcef29d0612941c2458535bb4e530a65dfe95bc0cb51480eb9429883a4f6adb2472c1caa32cee88d3b149c8bec4051a1c32af142b9

  • SSDEEP

    49152:noGt35IDn9xZx6V3yIyRUfWs5PGor3m+VPeTS3Z/G:noGB5IDnlx6V3yRg8orB

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks