General

  • Target

    512d37333b3a840f8e1dbb00667b09603ba16d5002b4f42388939345a389fd74N.exe

  • Size

    169KB

  • Sample

    241112-hnsmsaxdnh

  • MD5

    ba3b4a753b7dc4c08b72ab2dd3badf10

  • SHA1

    6b810ad3532de4c55c377b64a5580ad38ae341bb

  • SHA256

    c9bdad5625d0ef67970777373f44335f60809c99f57432270c68564eab2a2ce6

  • SHA512

    aacff2f0baa862da2437835e9e241530e6589e3f88584f70e7393b88ed873bf8dd8aa96323b0e40415583c4983848d47614acdc07faaf8d5b54d40e8a93a09ba

  • SSDEEP

    3072:PDrC76JNKjzDImGnUI/9FXK4+PoSZSb5qURwubvvnzdl1C7blxA2Z4l361xd:PDGOJyDImGUcsvZZvUmubv7ubHAZl36
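Before acting on this report, confirm that the file you hold is the sample it describes. Note that the target's file name begins with a SHA256-looking string (512d37...) that does not match the SHA256 listed above (c9bdad...), so the name alone proves nothing; samples are routinely renamed. The following is an added verification helper, not part of the report or the sandbox's tooling. It uses only the Python standard library; the SSDEEP digest is omitted because computing it requires a third-party library, and the rounded size (169KB) is not used as a check.

```python
import hashlib

# Hashes exactly as listed in the report above.
REPORT_HASHES = {
    "md5": "ba3b4a753b7dc4c08b72ab2dd3badf10",
    "sha1": "6b810ad3532de4c55c377b64a5580ad38ae341bb",
    "sha256": "c9bdad5625d0ef67970777373f44335f60809c99f57432270c68564eab2a2ce6",
    "sha512": "aacff2f0baa862da2437835e9e241530e6589e3f88584f70e7393b88ed873bf8dd8aa96323b0e40415583c4983848d47614acdc07faaf8d5b54d40e8a93a09ba",
}
ALGORITHMS = tuple(REPORT_HASHES)


def digest_bytes(data):
    """Hex digests of an in-memory buffer for every algorithm in the report."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digest_file(path, chunk_size=1 << 20):
    """Hex digests of a file, streamed so large samples are never loaded whole."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare_to_report(observed, expected=REPORT_HASHES):
    """Return {alg: (expected, observed)} for every algorithm that disagrees.

    Comparison is case-insensitive; a missing digest counts as a mismatch.
    An empty dict means the bytes you hold are the sample this report describes.
    """
    mismatches = {}
    for alg, want in expected.items():
        got = observed.get(alg, "")
        if got.lower() != want.lower():
            mismatches[alg] = (want, got)
    return mismatches


if __name__ == "__main__":
    import sys

    if len(sys.argv) > 1:
        observed = digest_file(sys.argv[1])
    else:
        # Constructed placeholder bytes, used only when no path is given; they are not the sample.
        observed = digest_bytes(b"constructed placeholder, not the sample")
    diff = compare_to_report(observed)
    if diff:
        print("MISMATCH on: " + ", ".join(sorted(diff)))
    else:
        print("MATCH: file is the reported sample")
```

Run it as `python verify_sample.py <path>`; any non-empty mismatch set means you are looking at a different file, and a single mismatching algorithm with the others matching means a transcription error in one of the hashes rather than a different sample.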

Malware Config

Targets

    • Target

      512d37333b3a840f8e1dbb00667b09603ba16d5002b4f42388939345a389fd74N.exe

    • Size

      169KB

    • MD5

      ba3b4a753b7dc4c08b72ab2dd3badf10

    • SHA1

      6b810ad3532de4c55c377b64a5580ad38ae341bb

    • SHA256

      c9bdad5625d0ef67970777373f44335f60809c99f57432270c68564eab2a2ce6

    • SHA512

      aacff2f0baa862da2437835e9e241530e6589e3f88584f70e7393b88ed873bf8dd8aa96323b0e40415583c4983848d47614acdc07faaf8d5b54d40e8a93a09ba

    • SSDEEP

      3072:PDrC76JNKjzDImGnUI/9FXK4+PoSZSb5qURwubvvnzdl1C7blxA2Z4l361xd:PDGOJyDImGUcsvZZvUmubv7ubHAZl36

    • Renames multiple (255) files with added filename extension

      This is consistent with file-encrypting ransomware, which typically appends a new extension to each file it encrypts; 255 renames within a single run indicate bulk processing of user files rather than an isolated rename. The signature records the renames, not the encryption itself, so confirm the file contents changed before treating it as confirmed encryption.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, session cookies and autofill data. Reads of these files by a process that is not the browser itself are the notable part.
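Detection logic for the two behaviours above, run over constructed file-activity events. This is an added example and is not the sandbox's own signature code, which is not published on this page. The event schema, the rename threshold and window, and the list of browser executables are assumptions; the browser artifact paths follow the usual Chrome, Edge and Firefox profile locations and should be checked against your own telemetry.

```python
import re
from collections import defaultdict

# Constructed file-activity events, not output from the sandbox run above.
# Each event: (timestamp_s, pid, process_image, operation, source_path, destination_path_or_None)
SAMPLE = "512d37333b3a840f8e1dbb00667b09603ba16d5002b4f42388939345a389fd74N.exe"
DOCS = r"C:\Users\victim\Documents"
EVENTS = [
    (100.0, 4242, SAMPLE, "read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data", None),
    (100.5, 4242, SAMPLE, "read", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json", None),
    (101.0, 1337, "chrome.exe", "read", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data", None),
    (102.0, 2000, "explorer.exe", "rename", DOCS + r"\notes.txt", DOCS + r"\notes.txt.bak"),
] + [
    (110.0 + 0.2 * i, 4242, SAMPLE, "rename", DOCS + rf"\file{i}.docx", DOCS + rf"\file{i}.docx.locked")
    for i in range(6)
]

# Assumed tuning values: how many extension-appending renames by one process within the window trip the rule.
RENAME_THRESHOLD = 5
WINDOW_SECONDS = 60.0

# Assumed list of browser images whose own reads of their profile data are benign.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
BROWSER_DATA_PATTERNS = [
    re.compile(r"\\Google\\Chrome\\User Data\\[^\\]+\\(Network\\)?(Login Data|Cookies|Web Data)$", re.I),
    re.compile(r"\\Microsoft\\Edge\\User Data\\[^\\]+\\(Network\\)?(Login Data|Cookies|Web Data)$", re.I),
    re.compile(r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$", re.I),
]


def added_extension(src, dst):
    """Return the appended extension when dst is exactly src plus '.<ext>', else None."""
    if dst is not None and dst.startswith(src + "."):
        return dst[len(src):]
    return None


def find_mass_renames(events, threshold=RENAME_THRESHOLD, window=WINDOW_SECONDS):
    """Flag processes that append an extension to >= threshold files within `window` seconds."""
    per_pid = defaultdict(list)
    image_of = {}
    for ts, pid, image, op, src, dst in events:
        if op != "rename":
            continue
        ext = added_extension(src, dst)
        if ext:
            per_pid[pid].append((ts, ext))
            image_of[pid] = image
    hits = {}
    for pid, renames in per_pid.items():
        renames.sort()
        start = 0
        for end, (ts, _) in enumerate(renames):
            # Slide the window forward so renames[start:end+1] spans at most `window` seconds.
            while ts - renames[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                hits[pid] = {
                    "image": image_of[pid],
                    "count": len(renames),
                    "extensions": sorted({e for _, e in renames}),
                }
                break
    return hits


def find_browser_data_reads(events, browser_images=BROWSER_IMAGES):
    """Return (pid, image, path) for reads of browser credential/cookie stores by non-browser processes."""
    hits = []
    for _ts, pid, image, op, src, _dst in events:
        if op != "read" or image.lower() in browser_images:
            continue
        if any(p.search(src) for p in BROWSER_DATA_PATTERNS):
            hits.append((pid, image, src))
    return hits


if __name__ == "__main__":
    for pid, info in find_mass_renames(EVENTS).items():
        print(f"mass rename: pid={pid} image={info['image']} files={info['count']} ext={info['extensions']}")
    for pid, image, path in find_browser_data_reads(EVENTS):
        print(f"browser data read: pid={pid} image={image} path={path}")
```

On the constructed events only the sample's process trips both rules: explorer.exe appends an extension to one file and stays below the threshold, and chrome.exe reading its own Login Data is excluded as the browser itself. The rename rule keys on the destination being the source plus one new suffix, which is the pattern the 255-rename signature describes; a renamer that replaces extensions instead of appending them would need a second rule.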

MITRE ATT&CK Enterprise v15

Tasks