General

  • Target

    677345bcf5bc9c2e3ac4fcba15d10653ba8548eebb2d38e5ff4a09fdb07015a9

  • Size

    176KB

  • Sample

    241110-bsgmrawerq

  • MD5

    e4ed4f2b49359fb83bf230f1725072de

  • SHA1

    1f2d1e6188a6ede0d5ca09ce8b15ef8151c87f43

  • SHA256

    677345bcf5bc9c2e3ac4fcba15d10653ba8548eebb2d38e5ff4a09fdb07015a9

  • SHA512

    b61fc5e846468438a6b36799ee6cb27d1268d76eaca650b2d2e6269d2ee20b95b4276388770eea5ee47e36d98e325dd259ece13cc4fc74aea5268692016787d9

  • SSDEEP

    3072:Ige+aX3zvmDfByOpGjAvb3eLG2FmDDSrDVTFooWZet3:w+aX3LOpyOpGcj3UFmDDSrDVTSBQ3

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
