General

  • Target

    1d24a68b2d5edb77b7a7adf76169ca1f3cbebd769a2b1181d505f0b84e5b43fe

  • Size

    2.6MB

  • Sample

    241109-y1mv3azrbs

  • MD5

    d0b42ddf612383f9fc0b9d9c1b636b88

  • SHA1

    faa666ce2af04cea1edaff9f6a6b2e15f64ecd58

  • SHA256

    1d24a68b2d5edb77b7a7adf76169ca1f3cbebd769a2b1181d505f0b84e5b43fe

  • SHA512

    7386d2c27b75869dda33cb7bf46031e466d5bfb512c74af07d816b7473da4006304c5a0dffec40fa8422229f395161caef6f4a8128b17b0e13c77a8f52d964d2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bS:sxX7QnxrloE5dpUpAb

Malware Config

Targets

    • Target

      1d24a68b2d5edb77b7a7adf76169ca1f3cbebd769a2b1181d505f0b84e5b43fe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks