General

  • Target

    129080cf2f40b47c72b24b2fe0d2fc8d2bab71952a8f048b1f03ddc1c9082cc6N

  • Size

    2.6MB

  • Sample

    241109-bhwzpasret

  • MD5

    a856d6fa4ee0f2e5ad46eb8e89e5b210

  • SHA1

    744ebd94e8017e007c5052e7949da39d8869faca

  • SHA256

    129080cf2f40b47c72b24b2fe0d2fc8d2bab71952a8f048b1f03ddc1c9082cc6

  • SHA512

    c2f1b98ba81fac680118028e98d4e4ed4c792a7eb408d9391e782c431e96b2aab543718473e2d2e46d1d22aa802b03a23267786b99bb2906395e2f98d40ac819

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bS:sxX7QnxrloE5dpUpxb

Malware Config

Targets

    • Target

      129080cf2f40b47c72b24b2fe0d2fc8d2bab71952a8f048b1f03ddc1c9082cc6N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest browser profile data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
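The two things a practitioner does with a report like this are (1) confirm that the file on disk is the same object the report describes, by recomputing the full hash set rather than trusting the MD5 alone, and (2) turn the listed behaviour signatures into a check that can be run over their own sandbox or EDR telemetry. The block below is an added example, not code from the sandbox or from the report: the hash values are copied from the General section above, but the event format (`(op, target)` tuples), the process and file names, and the registry and profile paths in `SAMPLE_EVENTS` are constructed for illustration. It demonstrates the dropped-file tracking behind "Executes dropped EXE" and "Loads dropped DLL" (a file counts only if the sample wrote it first), and the path patterns behind the startup, Run-key and browser-profile signatures.

```python
import hashlib
import re

# Hashes copied from the report's General section.
REPORT_HASHES = {
    "md5": "a856d6fa4ee0f2e5ad46eb8e89e5b210",
    "sha1": "744ebd94e8017e007c5052e7949da39d8869faca",
    "sha256": "129080cf2f40b47c72b24b2fe0d2fc8d2bab71952a8f048b1f03ddc1c9082cc6",
    "sha512": "c2f1b98ba81fac680118028e98d4e4ed4c792a7eb408d9391e782c431e96b2aab543718473e2d2e46d1d22aa802b03a23267786b99bb2906395e2f98d40ac819",
}


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory blob."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Stream a file once through all four hashers (the 2.6MB sample fits in memory,
    but streaming keeps the same code usable for large droppers)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matches_report(digests: dict) -> bool:
    """True only if every hash the report lists agrees; one mismatch means a different file."""
    return all(digests.get(name) == value for name, value in REPORT_HASHES.items())


# Location patterns behind the report's behaviour signatures (Windows paths, case-insensitive).
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)
BROWSER_PROFILE = re.compile(
    r"\\(Google\\Chrome\\User Data|Mozilla\\Firefox\\Profiles|Microsoft\\Edge\\User Data)\\",
    re.I,
)


def classify(events) -> set:
    """Map a sequence of (op, target) events to the report's signature names.

    Assumed event vocabulary (constructed for this example):
      write  - the sample created/wrote a file at target
      exec   - a process was started from the image at target
      load   - a DLL at target was mapped into the sample's process
      read   - the sample opened target for reading
      regset - a registry value was written at the key path target
    """
    hits = set()
    dropped = set()  # files the sample itself wrote; only these count as "dropped"
    for op, target in events:
        key = target.lower()
        if op == "write":
            dropped.add(key)
            if STARTUP_DIR.search(target):
                hits.add("Drops startup file")
        elif op == "exec" and key in dropped and key.endswith(".exe"):
            hits.add("Executes dropped EXE")
        elif op == "load" and key in dropped and key.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif op == "read" and BROWSER_PROFILE.search(target):
            hits.add("Reads user/profile data of web browsers")
        elif op == "regset" and RUN_KEY.search(target):
            hits.add("Adds Run key to start application")
    return hits


# Constructed event trace mimicking the behaviours the report lists; not real telemetry.
SAMPLE_EVENTS = [
    ("write", r"C:\Users\victim\AppData\Local\Temp\svc.exe"),
    ("write", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    ("exec", r"C:\Users\victim\AppData\Local\Temp\svc.exe"),
    ("load", r"C:\Users\victim\AppData\Local\Temp\helper.dll"),
    ("write", r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc.lnk"),
    ("regset", r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc"),
    ("read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    ("load", r"C:\Windows\System32\kernel32.dll"),  # system DLL, never dropped: no hit
]

if __name__ == "__main__":
    for name in sorted(classify(SAMPLE_EVENTS)):
        print("signature:", name)
```

A system DLL loaded from `System32` and an `exec` of a binary the sample never wrote both produce no hit, which is the distinction that keeps these signatures from firing on every ordinary process. To check a real file, call `matches_report(hash_file(path))`; a mismatch on any one digest is enough to say it is not the sample this report describes.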

MITRE ATT&CK Enterprise v15

Tasks