General

  • Target

    0aebb3ca0f3c6042a9ff840e054590007ae1378bca4c6a13bb85c4743f1ff54b

  • Size

    2.6MB

  • Sample

    241109-x79gzazlft

  • MD5

    24af4350580bf66d1a2c6a520457709a

  • SHA1

    736e6540198fe6388f46fc0145dd9b47d93e91c8

  • SHA256

    0aebb3ca0f3c6042a9ff840e054590007ae1378bca4c6a13bb85c4743f1ff54b

  • SHA512

    5d5a8e2dd2321640351f8bc55f9f08284fb16e9498687e8cf3676475bc8abf9fa4697905a1d8045db38b97f4bc01ad887c81a476e5163dbb9b58ce6e26bca9bc

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bS:sxX7QnxrloE5dpUpYb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15