General

  • Target

    9f254d67e242b3eabf7eb81e4ed41d2381a85bfef7668d77eec43ecd9ff43074

  • Size

    74KB

  • Sample

    241112-r9fpsavepr

  • MD5

    77655806bd36cb5f75abc39864b9c069

  • SHA1

    fd9cf17bfd0ae74220ef5c4f69a9b9737644bd43

  • SHA256

    9f254d67e242b3eabf7eb81e4ed41d2381a85bfef7668d77eec43ecd9ff43074

  • SHA512

    e980a280d0860fd3d8c9a7c54d00a9409d1f4bd7900e80de5c342f09a820c3e04a1c01d50f2e8dba0e738584a353d383f5b78d5b6a3ea97be8f4f975160b1ebf

  • SSDEEP

    1536:IBuse+Zk77RNzLiTO3EToa9D4ZQKbgZi1dst7x9PxQ:IBuse+aX3zvjlZQKbgZi1St7xQ

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks