General

  • Target

    fb1b47840ef631a7da44f580234af26bbc7b561a7374ff38f16817b708fee3ac

  • Size

    183KB

  • Sample

    241110-bsgmrawerr

  • MD5

    fe9e049cff84734689802cd093bf9e9c

  • SHA1

    4d4dd90e04797a43495e2e49ad97cc6f1b43afec

  • SHA256

    fb1b47840ef631a7da44f580234af26bbc7b561a7374ff38f16817b708fee3ac

  • SHA512

    03904c71d243819bcc0458c7b201b3349a1475b08247f685d1bb5cec83682c8f672bfe1cb7bd2b447cab0ff0a1ecd76f3bb933ee8e43e728418d382553c37f64

  • SSDEEP

    3072:8Ne+azbRPrlr9RXFNDfByOpGjAvb3eLG2FmDDSrDVTFooWZet3:x+azbRZv/pyOpGcj3UFmDDSrDVTSBQ3

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
