General

  • Target

    6a08e2f3e17365fa9f52d8aaebd5cee9c9d56da0e845ce989f7fcbac2a4f2dc9N.exe

  • Size

    2.6MB

  • Sample

    241112-skzl2aykfm

  • MD5

    eacdf92a89a6665b4d91a59d24628fe0

  • SHA1

    d0d05c27ee35b3713cf71f8441fbb69239cbcc70

  • SHA256

    6a08e2f3e17365fa9f52d8aaebd5cee9c9d56da0e845ce989f7fcbac2a4f2dc9

  • SHA512

    62e2c9d8717f8d3891209d15aaa855667e77c0971c80d9d5aacc599e0c9008a1471d895faf477eef73f8cb04e5a9380f2243a07b52f48240bf82649ca1cb4f9c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bSq:sxX7QnxrloE5dpUpxbV

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Adds Run key to start application
