General

  • Target

    219a36bec9a0bd6f132234c0fa870e1d66c1bb4e0e63d9591094e28a5b03d1ce

  • Size

    2.6MB

  • Sample

    241109-y8z6csvjan

  • MD5

    8a4aa9e4cd3dd022065b57548452a3b8

  • SHA1

    843fb664cdc82bc6b829fc6cbf7f42ae617389e6

  • SHA256

    219a36bec9a0bd6f132234c0fa870e1d66c1bb4e0e63d9591094e28a5b03d1ce

  • SHA512

    f6a0c7090ffe0d52735c2a6a8f2032b7e4a29e4ea4503cb6d25ac375fd407e1ff61ec9e7bd426cc00c6573aad6ce01d5eeeead454dc2bcc3ccd1528a4fee61d4

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBfB/bS:sxX7QnxrloE5dpUpQb

Malware Config

Targets

    • Target

      219a36bec9a0bd6f132234c0fa870e1d66c1bb4e0e63d9591094e28a5b03d1ce

    • Size

      2.6MB

    • MD5

      8a4aa9e4cd3dd022065b57548452a3b8

    • SHA1

      843fb664cdc82bc6b829fc6cbf7f42ae617389e6

    • SHA256

      219a36bec9a0bd6f132234c0fa870e1d66c1bb4e0e63d9591094e28a5b03d1ce

    • SHA512

      f6a0c7090ffe0d52735c2a6a8f2032b7e4a29e4ea4503cb6d25ac375fd407e1ff61ec9e7bd426cc00c6573aad6ce01d5eeeead454dc2bcc3ccd1528a4fee61d4

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBfB/bS:sxX7QnxrloE5dpUpQb

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks