General

  • Target: 6371bdeee07f153728d2503dccb50467105f7cb6f408633aaa9466d31a3ce780
  • Size: 964KB
  • Sample: 241109-y2dzjs1flq
  • MD5: 63302317b367e3b0df6c30eac9c1d042
  • SHA1: 8fb64df2948b8ed5cc6aa5dfa0eb9b6ac85a6c2a
  • SHA256: 6371bdeee07f153728d2503dccb50467105f7cb6f408633aaa9466d31a3ce780
  • SHA512: 2efb6180230852b5dac23f661b52b9f7d20c83a2ffa4675e9f8977b86a2709c679cd38ffdd1eac9fc4e0540e6814d0a8c0dd6c3656b951ecdc12fd41afbb9e4e
  • SSDEEP: 12288:M3N2BRKcv8Nh7py6Rmi78gkPH3aPI9vyVg/0paQuj3IdD02fKBjtp/:M3N2eBpDRmi78gkPXlyo0G/jr

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
