General

  • Target

    884428e557f0ae3a726a06d1419a456f19bb6d4c6f2dce92aade8e08435dfee3

  • Size

    2.6MB

  • Sample

    241112-tfw6sayqhl

  • MD5

    a9a45383d2890b316aeb4e7915adb130

  • SHA1

    20f5bfbbc8c210768f2e98d31fb2531ba87b7419

  • SHA256

    884428e557f0ae3a726a06d1419a456f19bb6d4c6f2dce92aade8e08435dfee3

  • SHA512

    f9945c5d8726c6846cc09d0e24fbc2d1dd5a3c583d9740760c601b883c20791f2aa1fedbfea5121d80552e3caf9e4f33d429f35f55b73645407fc08a466a4c22

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bS:sxX7QnxrloE5dpUpQb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application
