General

  • Target

    f5f058ed38a775488ff3a623909c2501a918abfebd1f170eba8f61c5158626bc

  • Size

    963KB

  • Sample

    241112-r7rz2avemh

  • MD5

    91fd33c0fe17b79d83464d387d40eb6c

  • SHA1

    da0e66a4f28ad92fd74fe6ac176eaa27bc9eccc9

  • SHA256

    f5f058ed38a775488ff3a623909c2501a918abfebd1f170eba8f61c5158626bc

  • SHA512

    680c5e69796af6c47d4e44d14657fe0902051d06aa207ed313df6f90c3e1ef5e97e22687357df13c1e1633fca44ace49e086abe36841f89664eb8f2c28d3e6aa

  • SSDEEP

    12288:b+atRKcv8Nh7py6Rmi78gkPH3aPI9vyVg/0paQuj3IdD02fKBjtp/:bBqBpDRmi78gkPXlyo0G/jr

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15