General

  • Target

    7dbc07643e15908d6b2a3772c475356accb511a95b5b4d91490fe0da4b5621de

  • Size

    717KB

  • Sample

    241112-tdehyswdmc

  • MD5

    c2a0bf9ffec4201f66aa3d49a93267b4

  • SHA1

    cd58c9c4a3b06dfb0f76b04654f49469a9c457e4

  • SHA256

    7dbc07643e15908d6b2a3772c475356accb511a95b5b4d91490fe0da4b5621de

  • SHA512

    aa5c70e3221dec06706d9e8ae8cac14b9de9e183b7f441438940a1effdea504cf89ca0babe8721e164c5a2b3839488941353d6acab8946812fe6ee2d2cee4f6c

  • SSDEEP

    12288:b13ufC6Aj+TN5uixZN+8rKhUdTC/wE1ZD0Ca5ZIXV:b1yLOS2opPIXV

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15