General

  • Target

    5b1db636332eacb89cb6907fe02d47a7f8ae0c063c9a6383ca1ba97e94eeb076

  • Size

    369KB

  • Sample

    241109-y2dnsa1fpe

  • MD5

    c14e9896a90f01da389d0908b14bd192

  • SHA1

    886173d2ab5c841f75e5064300bf906ef47fd6c7

  • SHA256

    5b1db636332eacb89cb6907fe02d47a7f8ae0c063c9a6383ca1ba97e94eeb076

  • SHA512

    f066ebef18cf56437aed29859d34470173d21470d1d2c9c624442ed954b4525a0b86d49c6fe0f269218df05712c07d5dcd469013dae5b1f4e05799c0c8915b16

  • SSDEEP

    6144:M46tGdyr6bzU66bkWmchVySqkvAH3qo0wWJC6G/SMT4FWqC:M3N23U66b5zhVymA/XSRh

Malware Config

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks