General

  • Target

    95dcc5e3a6bf530a899db61f3470e9fa3c91272fba8c1145b73c5af0fbc5fd44N

  • Size

    2.6MB

  • Sample

    241109-bpfahswqgk

  • MD5

    905d011a98a1a1811ba2223a881d28f0

  • SHA1

    858eee90065ff04f060b3e24ad01be50c29544c2

  • SHA256

    95dcc5e3a6bf530a899db61f3470e9fa3c91272fba8c1145b73c5af0fbc5fd44

  • SHA512

    8ed38b6eec1e6a871f3c9b41e0c4c2578c67253f429eb68492237fab19aee36e136610feab801889825e23953671dac6ab1bb42aa85a0b1ea2315655bc33eec1

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBtB/bSq:sxX7QnxrloE5dpUpWbV

Malware Config

Targets

    • Target

      95dcc5e3a6bf530a899db61f3470e9fa3c91272fba8c1145b73c5af0fbc5fd44N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks