General

  • Target: 8f3d3af5fae75ebb6744ab911f2f50d96c690d080dc1412a7a4ae5a942e9a34b
  • Size: 1.2MB
  • Sample: 241109-bkb3astglm
  • MD5: a1e227e383d57a0f5c23dbebb9423715
  • SHA1: 673a1871e36e07fa37da7a0f9e0ddd6c45688d64
  • SHA256: 8f3d3af5fae75ebb6744ab911f2f50d96c690d080dc1412a7a4ae5a942e9a34b
  • SHA512: b26d4a740938c414f4910124999e3099cd3ea1a74d7529f018b6d69019c7854b02ab2673d6eea91d34cecf0bb996e7472acb7efbd97edf5de56a959b982167bf
  • SSDEEP: 12288:9JuXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DBDt3kbE:busqjnhMgeiCl7G0nehbGZpbD

Malware Config

Targets

    • Executes dropped EXE
    • Loads dropped DLL
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks