General

  • Target

    d5614b9d1e7f97847fc61021f58d16ff33ab8b664cff4aa76b2d4ab44e1581d0

  • Size

    70KB

  • Sample

    241109-y2dc1s1flp

  • MD5

    925c16792494bd3c74229282179afc96

  • SHA1

    ba7de75a227c99fc5ac83f6c44b056b650e69ca1

  • SHA256

    d5614b9d1e7f97847fc61021f58d16ff33ab8b664cff4aa76b2d4ab44e1581d0

  • SHA512

    c9ccd8c71bb4815f57aa7263113721eb1586ae5d281795fda6701ccc9e596ced33a141435c4e8c755b424fffa5ad71d27123cfc9cce5e1be8365415c0ca9e18b

  • SSDEEP

    1536:HcaYzMXqtGNttyitOpg22nriw+d9bHrkT5gUHz7FxtJ:HcaY46tGNttyCa6nrBkfkT5xHzD

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
