General

  • Target

    f914c3e4ffe7761bc3280bb836a88cdcf6ea4d2ce3bee4e286d36b86074ae3db

  • Size

    2.6MB

  • Sample

    241112-tk5zgswepr

  • MD5

    50cc66548c97c9fdc45a12af567fbd60

  • SHA1

    3db604a1aa251406bbc93c43a24dcb4d8cae61ca

  • SHA256

    f914c3e4ffe7761bc3280bb836a88cdcf6ea4d2ce3bee4e286d36b86074ae3db

  • SHA512

    95a7abea260457c98470f27822bfb159d2b5ac955864b321f07e2f88f09f4effe7030a4f7f4c0915e073304ede38bad01f30c90916f0f4a25912b028e73b758e

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBTB/bS:sxX7QnxrloE5dpUpgb

Targets

    • Target

      f914c3e4ffe7761bc3280bb836a88cdcf6ea4d2ce3bee4e286d36b86074ae3db

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Adds Run key to start application
