General

  • Target

    c7bb6dd372fce079ff1f21b97e6842e09bc51304f57ac94beacf9e50b5088a05

  • Size

    201KB

  • Sample

    241110-f7xpqs1amm

  • MD5

    7237c125c4fec41e54cbea30b27f4980

  • SHA1

    0c9761dc01539fd623319bc7232f02ef7bac1d36

  • SHA256

    c7bb6dd372fce079ff1f21b97e6842e09bc51304f57ac94beacf9e50b5088a05

  • SHA512

    759a910556ca0a4a0fec293db24225767eab535959a3ee3170becefd0cb38cbfb71e47d7aae9e560914bc89c6b8957c504061d5321a00482f12c43ef90e7fd36

  • SSDEEP

    3072:fP5gvNVLIfHQja1RfmLQADwSKkhU+tLgT5lODbiC8r1PkTR:X2vnSwjaOcADw9cUeCOfD
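
To confirm that a file on disk is the sample this report describes, recompute the digests and compare them with the values above. The script below is an added example, not the sandbox's own tooling: the buffer it hashes inline is a constructed stand-in and is not the analysed sample (the real file would go through `hash_file`), and SSDEEP is left out because the fuzzy hash is not in Python's standard library.

```python
"""Recompute the digests a sandbox report lists and check them against the
report's values. Added example, not the sandbox's code. The inline input is a
constructed byte string, NOT the analysed sample; hash_file() is what you would
run on the real file."""
import hashlib
from typing import Dict

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report's General section.
REPORTED: Dict[str, str] = {
    "md5": "7237c125c4fec41e54cbea30b27f4980",
    "sha1": "0c9761dc01539fd623319bc7232f02ef7bac1d36",
    "sha256": "c7bb6dd372fce079ff1f21b97e6842e09bc51304f57ac94beacf9e50b5088a05",
    "sha512": "759a910556ca0a4a0fec293db24225767eab535959a3ee3170becefd0cb38cbf"
              "b71e47d7aae9e560914bc89c6b8957c504061d5321a00482f12c43ef90e7fd36",
}

# Constructed stand-in for the file under test (a bare MZ header plus filler).
CONSTRUCTED_SAMPLE = b"MZ" + b"\x00" * 62 + b"not the real sample"


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Lowercase hex digests of an in-memory buffer, one per algorithm."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same digests for a file on disk, streamed so large samples fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_digests(computed: Dict[str, str], reported: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match result; the comparison is case-insensitive because
    reports and tools disagree on hex case."""
    return {name: computed.get(name, "").lower() == value.lower()
            for name, value in reported.items()}


def matches_report(computed: Dict[str, str], reported: Dict[str, str]) -> bool:
    """True only if every digest the report lists matches. One mismatch is
    enough to say the file is not the sample the report describes."""
    results = compare_digests(computed, reported)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    digests = hash_bytes(CONSTRUCTED_SAMPLE)
    for name, ok in compare_digests(digests, REPORTED).items():
        print(f"{name:6} {'match' if ok else 'MISMATCH'} {digests[name]}")
    print("same file as report:", matches_report(digests, REPORTED))
```

MD5 and SHA1 are collision-prone, so pivot and block on the SHA256; any single mismatch means the file in hand is not the one the report analysed.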

Targets

    • Target

      c7bb6dd372fce079ff1f21b97e6842e09bc51304f57ac94beacf9e50b5088a05

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

      Adds a value under the Windows CurrentVersion\Run registry key so the program is launched again at each logon.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
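
The signatures above are behavioural: each one is a rule over the API calls the sample made in the sandbox. The script below is an added example, not the sandbox's own detection logic, showing how such rules map a trace to these signature names. The trace lines, the key=value format, and every path in them are constructed for illustration.

```python
"""Map a constructed API trace to the behaviour signatures the report lists.
Added example, not the sandbox's own detection logic. The trace lines, paths
and the key=value format are all constructed for illustration."""
import re
from typing import Dict, Iterable, List

# Path the sample was launched from in this constructed scenario.
SELF_PATH = r"C:\Users\victim\Downloads\sample.exe"

# Constructed trace, one API call per line.
TRACE = [
    r"api=NtCreateFile path=C:\Users\victim\AppData\Local\Temp\svc.exe access=GENERIC_WRITE",
    r"api=NtCreateFile path=C:\Users\victim\AppData\Local\Temp\helper.dll access=GENERIC_WRITE",
    r"api=CreateProcessW path=C:\Users\victim\AppData\Local\Temp\svc.exe",
    r"api=LoadLibraryW path=C:\Users\victim\AppData\Local\Temp\helper.dll",
    r"api=NtCreateFile path=C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data access=GENERIC_READ",
    r"api=RegSetValueExW key=HKCU\Software\Microsoft\Windows\CurrentVersion\Run value=Updater data=C:\Users\victim\AppData\Local\Temp\svc.exe",
    r"api=GetLogicalDrives",
    r"api=FindFirstFileW path=D:\*",
    r"api=NtCreateFile path=\\.\PhysicalDrive0 access=GENERIC_WRITE",
    r"api=NtWriteFile path=\\.\PhysicalDrive0 offset=0 size=512",
    r"api=DeleteFileW path=C:\Users\victim\Downloads\sample.exe",
]

_KV = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\?$", re.I)
BROWSER_DATA = re.compile(r"\\(Login Data|Web Data|Cookies|logins\.json)$", re.I)
NON_SYSTEM_DRIVE_ROOT = re.compile(r"^[ABD-Z]:\\\*?$", re.I)
RAW_DISK0 = r"\\.\physicaldrive0"


def parse_event(line: str) -> Dict[str, str]:
    """Split a key=value line; values may contain spaces (e.g. 'User Data')."""
    return dict(_KV.findall(line))


def detect(trace: Iterable[str], self_path: str) -> List[str]:
    """Return the sorted signature names triggered by the trace."""
    hits, dropped = set(), set()
    for ev in map(parse_event, trace):
        api, path = ev.get("api", ""), ev.get("path", "")
        low = path.lower()
        if api == "NtCreateFile" and "WRITE" in ev.get("access", "") and low.endswith((".exe", ".dll")):
            dropped.add(low)  # remember executables/DLLs the sample wrote
        elif api == "CreateProcessW" and low in dropped:
            hits.add("Executes dropped EXE")
        elif api == "LoadLibraryW" and low in dropped:
            hits.add("Loads dropped DLL")
        elif api == "NtCreateFile" and BROWSER_DATA.search(path):
            hits.add("Reads user/profile data of web browsers")
        elif api == "RegSetValueExW" and RUN_KEY.search(ev.get("key", "")):
            hits.add("Adds Run key to start application")
        elif api == "FindFirstFileW" and NON_SYSTEM_DRIVE_ROOT.match(path):
            hits.add("Enumerates connected drives")
        elif api == "NtWriteFile" and low == RAW_DISK0 and ev.get("offset") == "0":
            # Sector 0 of the first physical disk holds the MBR.
            hits.add("Writes to the Master Boot Record (MBR)")
        elif api == "DeleteFileW" and low == self_path.lower():
            # Direct case only; 'cmd /c del' or alternate-data-stream tricks need their own rule.
            hits.add("Deletes itself")
    return sorted(hits)


if __name__ == "__main__":
    for sig in detect(TRACE, SELF_PATH):
        print("-", sig)
```

The rules deliberately key on what makes each behaviour suspicious rather than on the API alone: a raw write anywhere on PhysicalDrive0 is interesting, but only offset 0 is the MBR; a Run value is persistence regardless of which hive it lands in; and drive enumeration is flagged only for roots other than C:, matching the report's own description.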
