General

  • Target

    873fef0f83c596c8152d9411a89644c74bc92a3407af8d550fbdfa151783fe74

  • Size

    203KB

  • Sample

    241111-t2xz7svlbr

  • MD5

    e88b972d269f5feab3c7a47bc67b9fab

  • SHA1

    2b4ea1f9851d7c93d897d9a9e172a53940b2ef92

  • SHA256

    873fef0f83c596c8152d9411a89644c74bc92a3407af8d550fbdfa151783fe74

  • SHA512

    54953f00a44db19c712402d68d548496f915107a8dafc8fa3b992f3287a10503e934b8ee16f8308beef87dc54412708f09054dfc38c44e32ab714be325ff3d00

  • SSDEEP

    3072:fP5gvNVLIfHQja1RfmLQADwSKkhU+tLgT5lODbiC8r1PkT:X2vnSwjaOcADw9cUeCOf

Malware Config

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks