General

  • Target

    c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

  • Size

    397KB

  • Sample

    241112-tbz2wawdjm

  • MD5

    83ad15c6d50f1c0f83f387fb7d769a22

  • SHA1

    caa05a1c14f4f5e4479f012571deb0d80a37d30e

  • SHA256

    c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

  • SHA512

    65f1fda9e1681041db11de1aaf1e49464557f1d0c79e59a38b4b1b8851c1bf7f523fb20dd8076bee0a4adbe660c4a04bb5748751a0a3a854f917d8bf7e15062f

  • SSDEEP

    6144:b134nDXYQ/BWJjmpgtBZQZKQj8p3jyb7HREd4SZ1tzLbF:b134DXYJmSTZwYp32bY4qtDF
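Before spending time on a sample, confirm the file on your analysis box is the one this report describes. The following is an added example (not part of the Triage report or its tooling): it parses the bullet/value layout used above into a dictionary, sanity-checks the digest strings, and compares them against a local file. The indicator text is copied from this page; the `abc` test vector used in the usage note is constructed.

```python
import hashlib
import re
import sys

# Indicator block copied from the report above (values are the page's own).
REPORT_INDICATORS = """
  • Target

    c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

  • MD5

    83ad15c6d50f1c0f83f387fb7d769a22

  • SHA1

    caa05a1c14f4f5e4479f012571deb0d80a37d30e

  • SHA256

    c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

  • SHA512

    65f1fda9e1681041db11de1aaf1e49464557f1d0c79e59a38b4b1b8851c1bf7f523fb20dd8076bee0a4adbe660c4a04bb5748751a0a3a854f917d8bf7e15062f
"""

# Expected hex-digest length for each algorithm the report lists.
HASH_LENGTHS = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def parse_indicators(text):
    """Turn the report's '• Name / value' bullet layout into {name: value}."""
    indicators = {}
    pending = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("•"):
            pending = line.lstrip("• ").lower()   # e.g. "sha256"
        elif pending is not None:
            indicators[pending] = line            # first non-empty line after the name
            pending = None
    return indicators


def validate_indicators(ind):
    """Catch copy/paste damage before anything is compared against these values."""
    problems = []
    for algo, length in HASH_LENGTHS.items():
        value = ind.get(algo)
        if value is None:
            problems.append(f"missing {algo}")
        elif not re.fullmatch(r"[0-9a-f]{%d}" % length, value):
            problems.append(f"{algo} is not a {length}-digit lowercase hex value")
    # Triage names the target by its SHA256; a mismatch means the block was mangled.
    if "target" in ind and ind["target"] != ind.get("sha256"):
        problems.append("target does not equal sha256")
    return problems


def digest_bytes(data):
    """Compute every listed digest over the file contents."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_LENGTHS}


def verify_sample(data, ind):
    """Per-algorithm True/False: does this file match the report's indicators?"""
    actual = digest_bytes(data)
    return {algo: actual[algo] == ind.get(algo) for algo in HASH_LENGTHS}


if __name__ == "__main__":
    # Usage: python verify_sample.py <path-to-sample>
    ind = parse_indicators(REPORT_INDICATORS)
    for p in validate_indicators(ind):
        sys.exit(f"report block looks damaged: {p}")
    with open(sys.argv[1], "rb") as fh:
        result = verify_sample(fh.read(), ind)
    for algo, ok in result.items():
        print(f"{algo:7} {'MATCH' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

A partial match (say MD5 agrees but SHA256 does not) should be treated as a damaged report rather than a near-miss; the script therefore exits non-zero unless every listed digest agrees. SSDEEP is deliberately left out because it needs the external `ssdeep` library and is a similarity score, not an identity check.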

Malware Config

Targets

    • Target

      c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

    • Size

      397KB

    • MD5

      83ad15c6d50f1c0f83f387fb7d769a22

    • SHA1

      caa05a1c14f4f5e4479f012571deb0d80a37d30e

    • SHA256

      c9ce30d0ff208256e366fcead82cf2c78db220dde0ec148178a693f398e7276f

    • SHA512

      65f1fda9e1681041db11de1aaf1e49464557f1d0c79e59a38b4b1b8851c1bf7f523fb20dd8076bee0a4adbe660c4a04bb5748751a0a3a854f917d8bf7e15062f

    • SSDEEP

      6144:b134nDXYQ/BWJjmpgtBZQZKQj8p3jyb7HREd4SZ1tzLbF:b134DXYJmSTZwYp32bY4qtDF

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data such as saved credentials, cookies and session tokens.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
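The six behaviour signatures above are what the sandbox inferred from the sample's API activity. To make concrete what kind of events produce each verdict, here is an added example (my own heuristics, not Triage's rule set or any code from this report) that replays a constructed API trace and reports which signature names it would trigger. The trace, the process IDs, the paths and the API names are all invented for illustration.

```python
import re

# Path patterns for the heuristics below (my approximations, not Triage's rules).
BROWSER_DATA = re.compile(r"\\(Login Data|Web Data|Cookies|History|logins\.json|key4\.db)$", re.I)
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.I)
NON_C_ROOT = re.compile(r"[abd-z]:\\", re.I)   # root of any drive except C:

SIG_DELETES_SELF = "Deletes itself"
SIG_STARTUP = "Drops startup file"
SIG_EXEC_DROPPED = "Executes dropped EXE"
SIG_LOAD_DROPPED = "Loads dropped DLL"
SIG_BROWSER = "Reads user/profile data of web browsers"
SIG_DRIVES = "Enumerates connected drives"

# Constructed API trace, NOT from this report: (pid, api, path argument).
SAMPLE_IMAGE = r"C:\Users\alice\Desktop\sample.exe"
SAMPLE_TRACE = [
    (100, "NtWriteFile", r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc.exe"),
    (100, "NtWriteFile", r"C:\Users\alice\AppData\Local\Temp\helper.dll"),
    (100, "CreateProcessW", r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc.exe"),
    (200, "LoadLibraryW", r"C:\Users\alice\AppData\Local\Temp\helper.dll"),
    (200, "NtReadFile", r"C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (200, "NtQueryDirectoryFile", "C:\\"),   # C: alone must not trigger the drive signature
    (200, "NtQueryDirectoryFile", "D:\\"),
    (200, "NtQueryDirectoryFile", "E:\\"),
    (100, "DeleteFileW", r"C:\Users\alice\Desktop\sample.exe"),
]


def match_signatures(trace, image_path):
    """Replay an API trace and return the set of behaviour signature names it triggers."""
    dropped = set()          # files the sample wrote, lowercased for case-insensitive paths
    hits = set()
    for _pid, api, arg in trace:
        path = arg.lower()
        if api == "NtWriteFile":
            dropped.add(path)
            if STARTUP_DIR.search(arg):
                hits.add(SIG_STARTUP)
        elif api == "CreateProcessW" and path in dropped:
            hits.add(SIG_EXEC_DROPPED)          # only counts if the EXE was written first
        elif api == "LoadLibraryW" and path in dropped:
            hits.add(SIG_LOAD_DROPPED)          # same ordering requirement for DLLs
        elif api == "NtReadFile" and BROWSER_DATA.search(arg):
            hits.add(SIG_BROWSER)
        elif api in ("NtQueryDirectoryFile", "NtOpenFile") and NON_C_ROOT.fullmatch(arg):
            hits.add(SIG_DRIVES)
        elif api == "DeleteFileW" and path == image_path.lower():
            hits.add(SIG_DELETES_SELF)
    return hits


if __name__ == "__main__":
    for name in sorted(match_signatures(SAMPLE_TRACE, SAMPLE_IMAGE)):
        print(name)
```

Two design points carry over to real triage. "Executes dropped EXE" and "Loads dropped DLL" are ordering-dependent: a process launch or library load only counts if the same path appeared earlier as a write by the sample, so the replay has to keep state across events. And the drive-enumeration rule intentionally excludes `C:\`, matching the wording of the signature; a sample that only touches its own system drive should not be flagged.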

MITRE ATT&CK Enterprise v15

Tasks