General

  • Target

    d134afabef1ba2388f0121a0eaef3d9177c13b15e0b2036b771a8902e6afad6c.exe

  • Size

    2.6MB

  • Sample

    241112-skc32atqby

  • MD5

    9af284156c84eab556cc8c0aa012af39

  • SHA1

    9e864e0a086d62d7f317890a03f8b3c668038d18

  • SHA256

    d134afabef1ba2388f0121a0eaef3d9177c13b15e0b2036b771a8902e6afad6c

  • SHA512

    4fd92c585f698728ae5f68785e0db5254a002672676ddc104c519b302130e7d6bf7ea7cb328cd16721863e42213ee5a39a5149418e4bf6f211af9974cb75f66f

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBoB/bSW:sxX7QnxrloE5dpUpLbH

Malware Config

Targets

    • Target

      d134afabef1ba2388f0121a0eaef3d9177c13b15e0b2036b771a8902e6afad6c.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks