General

  • Target

    d2e0a411176f056c2166706ba9f9a56542892ed1b20fa411d67d374e16758990

  • Size

    666KB

  • Sample

    241112-r7rdhavelq

  • MD5

    c21c1a9754dfc7a27a7114dcc0dd1449

  • SHA1

    dd226410af65d6a1c780052b5b3ef4e99deb5e2b

  • SHA256

    d2e0a411176f056c2166706ba9f9a56542892ed1b20fa411d67d374e16758990

  • SHA512

    4b38dc1b409799943f54c8b62598e6022fb3430054b46258e780ebc9e66f4aebae8c42325078118259a10f85111dd4fcdb36a483ad25ad8d627835c798f32cf8

  • SSDEEP

    6144:d5+aX3LdC9LRU0ySj14WH+JPb7uL8zRMnJjNhAp7SO8zRMnJjNhAp7S8FRcdEKFC:b+aoPFlTz

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks