General

  • Target

    0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148

  • Size

    2.7MB

  • Sample

    241109-x7p4bstkgp

  • MD5

    efda3c186b99f0606567011775423388

  • SHA1

    1d71401b169f730d48f1b387ab65c5d551a9c0c0

  • SHA256

    0a9329fbf90bbcb44276d8e08cefd33bc4ab16bd7e681663217ebe38ed795148

  • SHA512

    f02b5f73acab63e747118819befb074d5c30afdb8fd37cd286f10b32e9cca6ab1611698878f6303b669e65d3ad26aaa6d9bba6373238a4784752592dfe68380f

  • SSDEEP

    49152:+R0p8xHycIq+GI27nGroMPTJPer1c2HSjpjK3LBu9w4Sx:+R0pI/IQlUoMPdmpSp84

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution to or away from specific regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks