General

  • Target

    c591faa8733e1c83429c6cef08673619aa436a0ce20d0b883af84c07f7b80292N

  • Size

    2.6MB

  • Sample

    241109-dbeg6swbqh

  • MD5

    c0439ea51f852ba413dcfce62cad5fc0

  • SHA1

    1896307365da88179c92e2a6a92bc1c8491f9e61

  • SHA256

    c591faa8733e1c83429c6cef08673619aa436a0ce20d0b883af84c07f7b80292

  • SHA512

    b0c6aeb4010a093290fb950d6aecedca0f65ebd0e7b41a6254f36e7eb4d0a1912b1e1ef70e2318aef0d64088d3cb43101ef18c67a0a08663fc9498a207608af9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBeB/bS:sxX7QnxrloE5dpUphb

Malware Config

Targets

    • Target

      c591faa8733e1c83429c6cef08673619aa436a0ce20d0b883af84c07f7b80292N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks