General

  • Target

    506765bacbad6a799bc318f6df6c148ba44f76e4980c6f1a1c202a63b999fd50N.exe

  • Size

    2.6MB

  • Sample

    241112-aawhhssrhp

  • MD5

    9d304f5a275133259254fc8e323016a9

  • SHA1

    7215915fbe7e4733c236672614037fd6064e9133

  • SHA256

    0667ee1ae25ef468a8684a1c338368f0cb60c7560be5382eaed3e67d46a54b2e

  • SHA512

    72ecf3825f29c3f61ee261c07e385ff28dbc3cd8f6be0df7616c5ceed3bdc5b60d2ed947ccb42fa0bdf06d852ad8f046a6fbfb10d095bf0b4bc54a3e99d5e372

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBcB/bSg:sxX7QnxrloE5dpUpfbJ

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Adds Run key to start application
