General

  • Target

    4fc14dab210dc9be542df7d9d646598aace5bc7d9799c888f480a2ed7548ad4d

  • Size

    2.6MB

  • Sample

    241111-19qdnaxkat

  • MD5

    91b100225a52e6878e5ff9ce63277731

  • SHA1

    e56408b9cbd0064acec0939020a4c77867830cb8

  • SHA256

    4fc14dab210dc9be542df7d9d646598aace5bc7d9799c888f480a2ed7548ad4d

  • SHA512

    722487dc2c11085f34e8ab8aab168871b0e01e0a91ca100f02a08621a6cdff09653438991a40f7290380c5783e8b9265567ac66a84b97de7e8ede9963e5a4b65

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBXB/bS:sxX7QnxrloE5dpUpkb

Targets

    • Target

      4fc14dab210dc9be542df7d9d646598aace5bc7d9799c888f480a2ed7548ad4d

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
