General

  • Target

    bfde63f56b115b56e7912de7b879089b33088b00a74c8548609678cc69851dd2.exe

  • Size

    2.6MB

  • Sample

    241112-twk4fswgmd

  • MD5

    54ce19fab61f82669fc916831d812d2d

  • SHA1

    69834233506298d226c8070048adbe4c9a9c52ab

  • SHA256

    bfde63f56b115b56e7912de7b879089b33088b00a74c8548609678cc69851dd2

  • SHA512

    545f208e91c790ee434045f779389c1fdd0674fea7a43b97795b42f25ece21d4057ac2f245ba723a337aefd5003191a5a448675ca53e8e51fa6181030aac2ec7

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBgB/bSqn:sxX7QnxrloE5dpUpfbVn

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive profile data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks