General

  • Target

    5f309d25e9bb3a2d952a40d502fb0cb51d1e560d974f0a7f24bd3f9c7637a6f4

  • Size

    2.6MB

  • Sample

    241111-2tsphs1rhr

  • MD5

    c2ef2298775585e643ea89e4296d77c7

  • SHA1

    e5f163ff3c5fde11e805fd581da098f391eaa54a

  • SHA256

    5f309d25e9bb3a2d952a40d502fb0cb51d1e560d974f0a7f24bd3f9c7637a6f4

  • SHA512

    26d6f84304cf9d9ca5ea262b787e6a271c518da37f6bc69ab82999a33d4341aa95714e3d8aa8e646eb773672a057660af2ba58e6173f42b170d832e475cde09a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bS:sxX7QnxrloE5dpUpWb

Malware Config

Targets

    • Target

      5f309d25e9bb3a2d952a40d502fb0cb51d1e560d974f0a7f24bd3f9c7637a6f4

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks