General

  • Target

    2640054e2e1e7de49414eba02fbe032d68d3b36cb4ee86f033d5b3eccb245909

  • Size

    5.7MB

  • Sample

    241109-y2ek3stqcp

  • MD5

    807fb97eb426ed6aeca0f78ca55621ad

  • SHA1

    fe7fc459bb1a313e44e8696e0886649ae208474c

  • SHA256

    2640054e2e1e7de49414eba02fbe032d68d3b36cb4ee86f033d5b3eccb245909

  • SHA512

    6038e8ca3cc1444968fa3d71f1c965a6a6471418f09bac797e7de4408c5de763dc429bdc4731a31e315a3b4d408eb1105e25bb350afa8749b50cf75ab943821d

  • SSDEEP

    49152:MdFPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dTP:MdhKUgTH2M2m9UMpu1QfLczqssnKSk

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved credentials, session cookies and autofill entries.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
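The signatures above are sandbox verdicts. To show how the same behaviours look in host telemetry, the following is an added example (not part of this report or the sandbox's own rules) that replays constructed Sysmon-style event records (EventID 1 ProcessCreate, 7 ImageLoad, 11 FileCreate, 23 FileDelete) and maps them to the dropped-file, startup, execution and self-deletion signatures. The drivers directory and Startup folder paths are standard Windows locations; every process and file name in the sample events is invented. Browser profile reads and drive enumeration are deliberately not modelled: Sysmon has no file-read event, so those two signatures need EDR or API-level telemetry rather than a process/file log.

```python
"""Replay Sysmon-style events against the report's behaviour signatures.

Added example, not code from the sandbox report.  The event records at the
bottom are constructed to resemble Sysmon EventIDs 1, 7, 11 and 23; all
process and file names in them are made up.
"""
from collections import OrderedDict

# Standard Windows locations the signatures refer to, lower-cased for comparison.
DRIVERS_DIR = r"c:\windows\system32\drivers" + "\\"
# Both the per-user and the common Startup folder end with this suffix.
STARTUP_SUFFIX = r"\microsoft\windows\start menu\programs\startup" + "\\"


def _norm(path):
    """Case-fold a Windows path so comparisons ignore letter case."""
    return (path or "").lower()


def triage(events):
    """Return [(signature, evidence_path), ...] in first-seen order.

    State is kept across the stream because three of the signatures are
    relational: a later ProcessCreate/ImageLoad/FileDelete is only
    interesting if its target was created or started earlier in the trace.
    """
    dropped = set()       # files the sample has written so far
    started = set()       # images that have run as a process so far
    hits = OrderedDict()  # signature -> first evidence, preserves order

    def hit(sig, evidence):
        hits.setdefault(sig, evidence)

    for ev in events:
        eid = ev["EventID"]
        if eid == 1:  # ProcessCreate
            image = _norm(ev.get("Image"))
            started.add(image)
            if image in dropped and image.endswith(".exe"):
                hit("Executes dropped EXE", image)
        elif eid == 7:  # ImageLoad
            loaded = _norm(ev.get("ImageLoaded"))
            if loaded in dropped and loaded.endswith(".dll"):
                hit("Loads dropped DLL", loaded)
        elif eid == 11:  # FileCreate
            target = _norm(ev.get("TargetFilename"))
            dropped.add(target)
            if target.startswith(DRIVERS_DIR):
                hit("Drops file in Drivers directory", target)
            if STARTUP_SUFFIX in target:
                hit("Drops startup file", target)
        elif eid == 23:  # FileDelete
            # A running executable's image file is locked, so self-deletion is
            # normally done by a child process (e.g. cmd.exe /c del ...) after
            # the parent exits.  Matching the deleted path against any image
            # that ran earlier catches both the direct and the delegated case.
            target = _norm(ev.get("TargetFilename"))
            if target in started:
                hit("Deletes itself", target)
    return list(hits.items())


# Constructed sample trace (not real telemetry); names are invented.
SAMPLE_EXE = r"C:\Users\victim\Downloads\sample.exe"
STARTUP_EXE = (r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
               r"\Start Menu\Programs\Startup\update.exe")
DROPPED_DLL = r"C:\Users\victim\AppData\Local\Temp\loader.dll"

SAMPLE_EVENTS = [
    {"EventID": 1, "Image": SAMPLE_EXE},
    {"EventID": 11, "Image": SAMPLE_EXE,
     "TargetFilename": r"C:\Windows\System32\drivers\helper.sys"},
    {"EventID": 11, "Image": SAMPLE_EXE, "TargetFilename": STARTUP_EXE},
    {"EventID": 11, "Image": SAMPLE_EXE, "TargetFilename": DROPPED_DLL},
    {"EventID": 1, "Image": STARTUP_EXE},
    {"EventID": 7, "Image": STARTUP_EXE, "ImageLoaded": DROPPED_DLL},
    {"EventID": 1, "Image": r"C:\Windows\System32\cmd.exe"},
    {"EventID": 23, "Image": r"C:\Windows\System32\cmd.exe",
     "TargetFilename": SAMPLE_EXE},
]

if __name__ == "__main__":
    for sig, evidence in triage(SAMPLE_EVENTS):
        print(f"{sig}: {evidence}")
```

Feeding real Sysmon output through this only needs the event dicts to carry the same field names (`Image`, `TargetFilename`, `ImageLoaded`); the rules compare full lower-cased paths, so an environment that relocates user profiles would need the `STARTUP_SUFFIX` match kept suffix-based, as it is here, rather than anchored to `C:\Users`.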

MITRE ATT&CK Enterprise v15

Tasks