General

  • Target

    d6532c87a5b86902e6f372fb9cc5e483d9639c021ed08a65c8d456b20b74cbe7

  • Size

    185KB

  • Sample

    241112-r9gbbaverc

  • MD5

    1bb0923f74a4f72fd221f956997f6d61

  • SHA1

    2c7a4e6ec376cc54c6cdf8b20136a0ade7c9c50c

  • SHA256

    d6532c87a5b86902e6f372fb9cc5e483d9639c021ed08a65c8d456b20b74cbe7

  • SHA512

    d8dad82df513e2cb7a34cedf00f2a5ec339df2b7adc46b7d1e41e4bc44b0184c26620192de9064ef0de10fa4d953b0a9696b304a2de5cb5b3cb2a75e9b4ea928

  • SSDEEP

    3072:IBuse+aX3zvwARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:d5+aX3LwgYLjvqXRpDecw7Kj3u46db

Malware Config

Targets

    • Target

      d6532c87a5b86902e6f372fb9cc5e483d9639c021ed08a65c8d456b20b74cbe7

    • Size

      185KB

    • MD5

      1bb0923f74a4f72fd221f956997f6d61

    • SHA1

      2c7a4e6ec376cc54c6cdf8b20136a0ade7c9c50c

    • SHA256

      d6532c87a5b86902e6f372fb9cc5e483d9639c021ed08a65c8d456b20b74cbe7

    • SHA512

      d8dad82df513e2cb7a34cedf00f2a5ec339df2b7adc46b7d1e41e4bc44b0184c26620192de9064ef0de10fa4d953b0a9696b304a2de5cb5b3cb2a75e9b4ea928

    • SSDEEP

      3072:IBuse+aX3zvwARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:d5+aX3LwgYLjvqXRpDecw7Kj3u46db

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks