General

  • Target

    a5e490449abdcf2f038f4e28c737bb3950fb81496c7cc20459c1eb4f4a541ce9

  • Size

    46KB

  • Sample

    241110-bqhr2avrev

  • MD5

    52148214ac2a181e6a543288ab414c48

  • SHA1

    737f0e65bc81296e75afb556d41820ad34519a1b

  • SHA256

    a5e490449abdcf2f038f4e28c737bb3950fb81496c7cc20459c1eb4f4a541ce9

  • SHA512

    9f361b4a8af8d38ad793f6eec4ce0338838030bb25f01c16ee34e9eb46c4b400233cbe0bdbabc27495382d4b08c002edf95de10113da56b61110463cd7474ee8

  • SSDEEP

    768:cCyKqlbmQclfN4GL6E2CyKqlbmQclfN4GL6EL:sKqlbmQ2fN+EmKqlbmQ2fN+EL

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks