General

  • Target

    46f7f9628d9fe9002d244d9b4f163c3c948817cd66c13d7ed34d0d5c46b64c86N

  • Size

    81KB

  • Sample

    241109-rqkjmawejp

  • MD5

    e05b4dff42525b572767e702fc1dd0b0

  • SHA1

    efa3e590d301f90b7aa5cf68c8b3a8a3ecf2abfa

  • SHA256

    46f7f9628d9fe9002d244d9b4f163c3c948817cd66c13d7ed34d0d5c46b64c86

  • SHA512

    a4d55463143489499e02c7db436a8f61f276bdda554c8b54b8947e0b363a7abf4f287f69791a345e520b2ee690979cabdfe5127d1b6abca17db0f4f125d816b0

  • SSDEEP

    1536:lCbhjW8rhK4rg6Z1qdkMB5eIO292XbNTx9sy8ifyXxyk3D3Wfn25B76Ps06DcBqD:QbhjWfe/+dkg4ZfWiKAC3W67E5nBq51

Malware Config

Targets

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks