General

  • Target

    fc4341f22e81a9b91287c1852d98ee37ff71599e2c6a1c35f5a09a94bfd2df55.exe

  • Size

    1.2MB

  • Sample

    241112-tre2mswfpl

  • MD5

    c45bad52a1ed5138cd59804053ca6f69

  • SHA1

    a2d86380fc208f1a6d32f24c236ac90fde87f472

  • SHA256

    fc4341f22e81a9b91287c1852d98ee37ff71599e2c6a1c35f5a09a94bfd2df55

  • SHA512

    8eb35e6985c1534b65c4c25571a0023dea40c6d3645b1d1a337e2367a324079c8bd0d689ccc4ab9e8d7e827c734fbbdc531d1936184cf9983a97d9f5aa396c55

  • SSDEEP

    24576:4ak/7Nk4RZybornKZu0zoFmDcpii9iGn+W269SYUVgeKIGz8oDqE2:4ak/vrKZu+k0WdE220KVHnGIo+E2

Malware Config

Targets

    • Target

      fc4341f22e81a9b91287c1852d98ee37ff71599e2c6a1c35f5a09a94bfd2df55.exe

    • Size

      1.2MB

    • MD5

      c45bad52a1ed5138cd59804053ca6f69

    • SHA1

      a2d86380fc208f1a6d32f24c236ac90fde87f472

    • SHA256

      fc4341f22e81a9b91287c1852d98ee37ff71599e2c6a1c35f5a09a94bfd2df55

    • SHA512

      8eb35e6985c1534b65c4c25571a0023dea40c6d3645b1d1a337e2367a324079c8bd0d689ccc4ab9e8d7e827c734fbbdc531d1936184cf9983a97d9f5aa396c55

    • SSDEEP

      24576:4ak/7Nk4RZybornKZu0zoFmDcpii9iGn+W269SYUVgeKIGz8oDqE2:4ak/vrKZu+k0WdE220KVHnGIo+E2

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks