Resubmissions

  • 12/11/2024, 16:23   241112-tvxqvszkfr   score 8

  • 12/11/2024, 16:19   241112-tsjffszkcl   score 7

General

  • Target

    OperaGXSetup.exe

  • Size

    3.2MB

  • Sample

    241112-tsjffszkcl

  • MD5

    09f91d734ea9cef7f3fb69ecc68ca307

  • SHA1

    80c1dbf9182af31e363be179c219a052796e6c2e

  • SHA256

    a41e2ef96862d18436b289a6391c791ac2d0833059dd2a85319a4faf3b57d1c1

  • SHA512

    c93544706d38eedabef237b60f131af810729c4ab152feaffe762c56ef408224832e042f6a8f0870c364666ed0682dc13ad1d1c9ee5abc0ca28121c5df75864a

  • SSDEEP

    49152:yVAbwPZo8iIk9k6qkbnzlpp+E6k5ucpKx9OA/cIq6XdEHi8kmtxvDTZvjFhBv9:2A4diGkbnfMEZEcpwHq6NMiaDNbD
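To check whether a file on hand is the sample this report describes, the following added script (not part of the Triage report) recomputes the four cryptographic hashes listed above and compares them against the reported values. The digests are copied from the General section; the input path and the scanned directory are assumptions. SSDEEP is left out because fuzzy hashing needs the non-standard ssdeep library.

```python
"""Verify a local file (or a directory of files) against the hashes in this report.

Added example, not part of the sandbox report. The IOC values below are copied
from the General section above; file paths are assumptions.
"""
import hashlib
from pathlib import Path

# Hashes reported for OperaGXSetup.exe (sample 241112-tsjffszkcl).
REPORT_IOCS = {
    "md5": "09f91d734ea9cef7f3fb69ecc68ca307",
    "sha1": "80c1dbf9182af31e363be179c219a052796e6c2e",
    "sha256": "a41e2ef96862d18436b289a6391c791ac2d0833059dd2a85319a4faf3b57d1c1",
    "sha512": "c93544706d38eedabef237b60f131af810729c4ab152feaffe762c56ef408224"
              "832e042f6a8f0870c364666ed0682dc13ad1d1c9ee5abc0ca28121c5df75864a",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_file(path, chunk_size=1 << 20):
    """Return {algorithm: hexdigest} for a file.

    The file is read in chunks and fed to all four hashers at once, so a large
    installer is read from disk only once and never has to fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_report(path, iocs=REPORT_IOCS):
    """Return the list of algorithms whose digest of `path` equals the reported value.

    Comparison is case-insensitive because reports and tools differ in hex case.
    A partial list (e.g. only md5) means the digests disagree and the file should
    be treated as a different one."""
    digests = hash_file(path)
    return [name for name in ALGORITHMS
            if digests[name].lower() == iocs[name].lower()]


def scan_directory(root, iocs=REPORT_IOCS, suffixes=(".exe", ".dll")):
    """Walk `root` and return {path: matched_algorithms} for every file that matches."""
    hits = {}
    for p in Path(root).rglob("*"):
        if p.is_file() and p.suffix.lower() in suffixes:
            matched = match_report(p, iocs)
            if matched:
                hits[str(p)] = matched
    return hits


if __name__ == "__main__":
    import sys
    # Usage: python verify_hashes.py <file-or-directory>   (path is an assumption)
    target = Path(sys.argv[1]) if len(sys.argv) > 1 else Path("OperaGXSetup.exe")
    if target.is_dir():
        for path, algos in scan_directory(target).items():
            print(f"MATCH {path}: {', '.join(algos)}")
    else:
        print(f"{target}: matched {match_report(target) or 'none'}")
```

Because the comparison is reported per algorithm, a file that matches MD5 but not SHA256 shows up as a partial match rather than a hit, which is the right outcome for a deliberately colliding or tampered file.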

Malware Config

Targets

    • Target

      OperaGXSetup.exe


    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
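The two behaviour signatures above can be reproduced over a file-access trace. The following added example (not Triage's signature logic and not part of the report) flags processes that open credential or cookie stores inside a browser profile and processes that read the root of drives other than C:. The trace lines are constructed to look like a sandbox file-access log and the process names in them are hypothetical; the browser profile paths are the well-known Chromium-family and Firefox locations, and the Chromium layout covers Opera GX as well.

```python
"""Flag 'reads browser profile data' and 'enumerates connected drives' in a trace.

Added example, not part of the sandbox report. Event format and process names
are constructed; browser profile paths are the standard Windows locations.
"""
import ntpath
import re

# Files inside a browser profile that hold saved credentials, cookies or form data.
SENSITIVE_FILES = {
    "login data", "cookies", "web data", "history",               # Chromium family
    "logins.json", "key4.db", "cookies.sqlite", "places.sqlite",  # Firefox
}
# Vendor directory markers; all live under %APPDATA% or %LOCALAPPDATA%.
BROWSER_MARKERS = (
    "\\google\\chrome\\", "\\microsoft\\edge\\", "\\bravesoftware\\",
    "\\opera software\\", "\\mozilla\\firefox\\",
)
# A browser reading its own profile is normal and must not fire the signature.
BROWSER_PROCESSES = {"chrome.exe", "msedge.exe", "brave.exe", "opera.exe", "firefox.exe"}
ROOT_RE = re.compile(r"^([A-Za-z]):\\?$")

# Constructed trace: "pid process operation path", one event per line.
SAMPLE_TRACE = r"""
1234 OperaGXSetup.exe CreateFile C:\Users\victim\AppData\Local\Temp\setup.tmp
1234 OperaGXSetup.exe CreateFile C:\Users\victim\AppData\Local\Temp\helper.exe
4321 helper.exe CreateFile C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
4321 helper.exe CreateFile C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
4321 helper.exe CreateFile C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default-release\logins.json
4321 helper.exe CreateFile C:\Users\victim\AppData\Roaming\Opera Software\Opera GX Stable\Login Data
4321 helper.exe QueryDirectory C:\
4321 helper.exe QueryDirectory D:\
4321 helper.exe QueryDirectory E:\
5555 chrome.exe CreateFile C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
"""


def parse_trace(text):
    """Parse 'pid process operation path' lines; the path may contain spaces."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, process, op, path = line.split(None, 3)
        events.append({"pid": int(pid), "process": process, "op": op, "path": path})
    return events


def is_browser_secret(path):
    """True if `path` is a credential/cookie store inside a known browser profile."""
    lowered = path.lower()
    in_profile = "\\appdata\\" in lowered and any(m in lowered for m in BROWSER_MARKERS)
    return in_profile and ntpath.basename(lowered) in SENSITIVE_FILES


def drive_root(path):
    """Return the drive letter if `path` is a bare drive root such as 'D:\\', else None."""
    m = ROOT_RE.match(path.strip())
    return m.group(1).upper() if m else None


def detect(events):
    """Apply both signatures per process; return only the processes that fired."""
    per_pid = {}
    for ev in events:
        rec = per_pid.setdefault(
            ev["pid"], {"process": ev["process"], "browser_files": [], "drives": []})
        # Signature 1: a non-browser process opens browser credential/cookie stores.
        if ev["process"].lower() not in BROWSER_PROCESSES and is_browser_secret(ev["path"]):
            rec["browser_files"].append(ev["path"])
        # Signature 2: the root of a drive other than C: is read.
        letter = drive_root(ev["path"])
        if letter and letter != "C" and letter not in rec["drives"]:
            rec["drives"].append(letter)
    return {pid: rec for pid, rec in per_pid.items() if rec["browser_files"] or rec["drives"]}


if __name__ == "__main__":
    for pid, rec in detect(parse_trace(SAMPLE_TRACE)).items():
        print(f"pid {pid} ({rec['process']}):")
        for f in rec["browser_files"]:
            print(f"  reads browser data: {f}")
        if rec["drives"]:
            print(f"  enumerates drives: {', '.join(rec['drives'])}")
```

On the constructed trace only the dropped helper.exe fires: the installer itself only touches its temp directory, and chrome.exe opening its own Login Data is excluded by the process allowlist, which is the false positive a naive path match would produce.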

MITRE ATT&CK Enterprise v15

Tasks