General

  • Target

    41c9d15dcb4daf97705c7f816e0f5e7fe1ddc41a0349a11fc33bd691990ff6bb

  • Size

    56KB

  • Sample

    241112-tdqafswdnl

  • MD5

    542355c167c9a30c8094c1012458f71b

  • SHA1

    1ed480bff1f7a0eb9312899d60f10972626d083c

  • SHA256

    41c9d15dcb4daf97705c7f816e0f5e7fe1ddc41a0349a11fc33bd691990ff6bb

  • SHA512

    97bab26655751870c6487389e58b58b94ec2fc1e5ce997410a6590b7642a2cfa50a1ac0e31572f7e813385b9f69e0036b70d502cdeb2e38f919df775f1590243

  • SSDEEP

    768:hwpQFJFKZj1PVs9Ag1vzblhcCnFXNs0NfkprU/xvyyxqgt6jpYU5ltbDrYiI0oPC:hFcx1aeg1vjrI9U/xvyyz6jWWvr78Pxc

Malware Config

Targets

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks