General

  • Target: aa1fa0106c3706a6103038b0b413c57b8d877be298fb0919b3ea32c5a5a3353f
  • Size: 245KB
  • Sample: 241110-bw4axswjgv
  • MD5: 85598be0d0b54ca6d20d191e8ca6c8ba
  • SHA1: 41f1680f3a4d0f8a5aaffd62e838b3580592ee0d
  • SHA256: aa1fa0106c3706a6103038b0b413c57b8d877be298fb0919b3ea32c5a5a3353f
  • SHA512: 031f6ecfbeaea188b6fa5b0b789a9afd877a981fdb19f8f0b2a179f9900d821cd284ddad42b7ce0d01f828f30389f3a1a8a690b1cba685e54157dcebe9e770b1
  • SSDEEP: 3072:PDXG2BmNb6NLI0nxYp9pGp29eJFDraRs+2xh77Up7j4+MTS5qd6VCmmLq7wb8Wb:PDrm8L+pfFe3Xk12xmj4LTY4q7Ib

Targets

    • Renames multiple (258) files with added filename extension
      This suggests ransomware activity of encrypting all the files on the system.

    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials etc.
