General

  • Target

    b9e025d19552b6085cfd270441379c3445ec18b14dce113bb1b2f8764fd675b8N

  • Size

    149KB

  • Sample

    241110-etvsjszanq

  • MD5

    a4fc3112f925412f1b6f29b4db25a3a0

  • SHA1

    baa031be9b4663fa5b6c74e44d9f3b238a4035bc

  • SHA256

    b9e025d19552b6085cfd270441379c3445ec18b14dce113bb1b2f8764fd675b8

  • SHA512

    32c7ec5ba914aac320ee20721e5905944d0a62f05f8d871339815a779c5f8dbc3ac4e2dad6aec735a212b6d610400683336bbd3b423da2df1770209720be657a

  • SSDEEP

    3072:gOuCgsQ+rTjPQopsX2VEAhHMsuJmQWZmvwEfpp0YkiQ4:OYPVg2nhHvQWZ74p+Yj

Malware Config

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks