General

  • Target

    3ff7aa9e2f445bfb31d94d6b3c518e506b8a1e31f0f2fbae74b3e693049fe8e8N

  • Size

    2.6MB

  • Sample

    241110-bfyqhawdkk

  • MD5

    78bc0b57a6b7a5757df8cb97f5ae05f0

  • SHA1

    13365402638c32713fbbfe1c13816ea9085a0cdf

  • SHA256

    3ff7aa9e2f445bfb31d94d6b3c518e506b8a1e31f0f2fbae74b3e693049fe8e8

  • SHA512

    df04d0ee783f0888b70c570872171316c28797c717ee1645aa5d6613bf908c7308023a251b27abcb5fea8424cd7abf1f0880c0d2b72d5933367510838837968e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBnB/bSq:sxX7QnxrloE5dpUpIbV

Malware Config

Targets

    • Target

      3ff7aa9e2f445bfb31d94d6b3c518e506b8a1e31f0f2fbae74b3e693049fe8e8N

    • Size

      2.6MB

    • MD5

      78bc0b57a6b7a5757df8cb97f5ae05f0

    • SHA1

      13365402638c32713fbbfe1c13816ea9085a0cdf

    • SHA256

      3ff7aa9e2f445bfb31d94d6b3c518e506b8a1e31f0f2fbae74b3e693049fe8e8

    • SHA512

      df04d0ee783f0888b70c570872171316c28797c717ee1645aa5d6613bf908c7308023a251b27abcb5fea8424cd7abf1f0880c0d2b72d5933367510838837968e

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBnB/bSq:sxX7QnxrloE5dpUpIbV

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks