General

  • Target

    af35b685f0003fde998050799ec59ee1fd7c26fd1af0c14f92bea218aa2f59d6N.exe

  • Size

    2.6MB

  • Sample

    241112-sa37gaxrhr

  • MD5

    b0d1aeda6cdce354165080c50addbc30

  • SHA1

    94f643bbf93cc25f645fcd3c1d7b41e71a686b4a

  • SHA256

    af35b685f0003fde998050799ec59ee1fd7c26fd1af0c14f92bea218aa2f59d6

  • SHA512

    c73cf33a423b28788680b7ee5cddb41227e4d3f7253a76e3ba76c972c94561e1d629b99c9b8040b73551803ca37639bc6f533955b8a59ef80615d44ca0245cff

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBlB/bS:sxX7QnxrloE5dpUpeb

Malware Config

Targets

    • Target

      af35b685f0003fde998050799ec59ee1fd7c26fd1af0c14f92bea218aa2f59d6N.exe

    • Size

      2.6MB

    • MD5

      b0d1aeda6cdce354165080c50addbc30

    • SHA1

      94f643bbf93cc25f645fcd3c1d7b41e71a686b4a

    • SHA256

      af35b685f0003fde998050799ec59ee1fd7c26fd1af0c14f92bea218aa2f59d6

    • SHA512

      c73cf33a423b28788680b7ee5cddb41227e4d3f7253a76e3ba76c972c94561e1d629b99c9b8040b73551803ca37639bc6f533955b8a59ef80615d44ca0245cff

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBlB/bS:sxX7QnxrloE5dpUpeb

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens, and autofill data.

    • Adds Run key to start application
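The hashes above are the report's file IOCs. The following is an added example (not part of the sandbox report and not the sample's own code) that parses the report's "• MD5 / value" bullet layout into an IOC table, computes MD5/SHA1/SHA256/SHA512 of a file in a single pass, and reports which digests match. The report excerpt embedded in the script is copied from this page; the `suspect.exe` path in the usage block is a placeholder.

```python
"""Hash-IOC check for the sample described in the report above (added example)."""
import re
import sys
from hashlib import new as new_hasher
from pathlib import Path

# Excerpt of the report's own "General" block, copied from the page, used as parser input.
REPORT_EXCERPT = """
  • MD5

    b0d1aeda6cdce354165080c50addbc30

  • SHA1

    94f643bbf93cc25f645fcd3c1d7b41e71a686b4a

  • SHA256

    af35b685f0003fde998050799ec59ee1fd7c26fd1af0c14f92bea218aa2f59d6

  • SHA512

    c73cf33a423b28788680b7ee5cddb41227e4d3f7253a76e3ba76c972c94561e1d629b99c9b8040b73551803ca37639bc6f533955b8a59ef80615d44ca0245cff
"""

# Report label -> hashlib algorithm name, and expected hex digest length per algorithm.
HASH_LABELS = {"MD5": "md5", "SHA1": "sha1", "SHA256": "sha256", "SHA512": "sha512"}
HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
CHUNK_SIZE = 1 << 20  # 1 MiB read size; the 2.6 MB sample is hashed in a few reads


def parse_report_hashes(text):
    """Extract {algorithm: hex digest} from the bullet layout used by the report.

    A label line ("• SHA256") is followed by a blank line and then the value; the
    value is accepted only if it is hex of the right length for that algorithm,
    so a stray line after a label cannot be mistaken for a digest.
    """
    found, pending = {}, None
    for raw in text.splitlines():
        line = raw.strip().lstrip("•").strip()
        if not line:
            continue
        if line in HASH_LABELS:
            pending = HASH_LABELS[line]
            continue
        if pending is not None:
            value = line.lower()
            if re.fullmatch(r"[0-9a-f]{%d}" % HEX_LEN[pending], value):
                found.setdefault(pending, value)
            pending = None
    return found


def hash_bytes_streaming(chunks):
    """Feed every chunk to all four hashers so the file is read only once."""
    hashers = {name: new_hasher(name) for name in HEX_LEN}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path):
    with Path(path).open("rb") as f:
        return hash_bytes_streaming(iter(lambda: f.read(CHUNK_SIZE), b""))


def match_iocs(digests, iocs):
    """Return the sorted algorithm names whose computed digest equals the IOC value."""
    return sorted(
        name for name, value in digests.items()
        if iocs.get(name, "").lower() == value.lower()
    )


def check_file(path, iocs):
    """Hash one file and report whether any digest matches the report's IOCs."""
    digests = hash_file(path)
    hits = match_iocs(digests, iocs)
    return {"path": str(path), "digests": digests, "matched": hits, "is_sample": bool(hits)}


if __name__ == "__main__":
    # Usage: python ioc_check.py suspect.exe   (suspect.exe is a placeholder path)
    report_iocs = parse_report_hashes(REPORT_EXCERPT)
    for arg in sys.argv[1:]:
        result = check_file(arg, report_iocs)
        verdict = "MATCHES report IOCs" if result["is_sample"] else "no match"
        print(f"{result['path']}: {verdict} {result['matched']}")
```

A match on any one of the four digests identifies the exact file; the SSDEEP value in the report is a fuzzy hash and needs a separate fuzzy-hashing library to compare, so it is deliberately not handled here.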

MITRE ATT&CK Enterprise v15

Tasks