General

  • Target

    16cce8198faf6fe31b3267f989b2eab13805b1a44d7aef4c8b657deaaf2deb2dN.exe

  • Size

    183KB

  • Sample

    241112-hf73hawmaz

  • MD5

    3cd2ae62e09dd65e787a0e8032f61a87

  • SHA1

    10907a5f63ffbeaab1ff187d0a534e95eec8069e

  • SHA256

    d4d63b490bd3517500c93944207ae26af157ccc519858a7697fb8879430ab96c

  • SHA512

    94a83a0f7a09b0cb51c99af87b30f6865c78a3a361e3507b8a4f58f814694fba808cff5731c7a59b27346e575a4b94a62f7462690704b89c68740c985ab4bcce

  • SSDEEP

    3072:PDiAEhk3ujDfkmmt0fSoD7EXG8ZiGB8xFAnT:PDiAE+Bmmt0fSoD7KG4iGmQ

Targets

    • Renames multiple (256) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar information.
