General

  • Target

    d11e063c5f7eac9710a0086cbc2d5aba9ea0e3fdadd98b1fc1ce6edf3db968c9

  • Size

    1.7MB

  • Sample

    241109-xnf2bazfjc

  • MD5

    24b54e81591c81063b4a753fd3ee1c25

  • SHA1

    994ca7bf7e02c6d896ab55088ede9ee5441c2625

  • SHA256

    d11e063c5f7eac9710a0086cbc2d5aba9ea0e3fdadd98b1fc1ce6edf3db968c9

  • SHA512

    e077f86c21a3444dc4e0987f1e8e0af40f4792c9eb8f989b0c8bf98d2f7bf479520ec73e1a39549d6f4dba6022b5adcf8038a5a57bc3fb8dcfbc3310958456f5

  • SSDEEP

    49152:WKxNupkTcKb4rSUfkVFjLaB0zj0yjoB2:vfupkT5NUQsB2Yyjl

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Drops file in System32 directory
