General

  • Target

    597ee630c5357f34bb42162e02a8f042f3d30d59c5476abba89fd53a03902f96

  • Size

    2.6MB

  • Sample

    241111-2k9lnsycpj

  • MD5

    d6500ec25b22a69872b58f162fd73ff0

  • SHA1

    9c033f63e33a382cc161de0eabe5df0962f77c3b

  • SHA256

    597ee630c5357f34bb42162e02a8f042f3d30d59c5476abba89fd53a03902f96

  • SHA512

    6162359655180b25e4f8c607b6deb87994643597f8da11f8a2ffb058f0c0f9f2a5dd2cf5c056b40554810502ea14e82254f29a194a2b0556f39d7e137e1c1e21

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBbB/bSq:sxX7QnxrloE5dpUpYbV

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application
