General

  • Target

    e592be39823c9b7e2c949409a8026524e0c9982705a9ba081b34c3471e97908f.exe

  • Size

    2.6MB

  • Sample

    241112-sanf1stnft

  • MD5

    1c4793470fd45f09db1b9ff80f86c78d

  • SHA1

    9a01a2c9ae47f2d168966b18c9f40d57a65261be

  • SHA256

    e592be39823c9b7e2c949409a8026524e0c9982705a9ba081b34c3471e97908f

  • SHA512

    9ddd16d9a3a22effba069d2f6fd8830ebdd407442a30ec2492ab34937ab7ac2011c9e8e41b0ad54939001e2b0683e58dbf7a044a8c6bb6b59d2a9578c0af5430

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBqB/bSG:sxX7QnxrloE5dpUphbP

Malware Config

Targets

    • Target

      e592be39823c9b7e2c949409a8026524e0c9982705a9ba081b34c3471e97908f.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks