General

  • Target

    3d6e13d39e644df72b1212a9374ec8e6481d37f4b67baf0f5acc2d6d311cd68dN.exe

  • Size

    2.6MB

  • Sample

    241112-v1k5paxenq

  • MD5

    f201103fe76a812f7a30f4ba5fef8440

  • SHA1

    bb40693eb3a6b6a74c1565bae58fed1fabcebb3f

  • SHA256

    3d6e13d39e644df72b1212a9374ec8e6481d37f4b67baf0f5acc2d6d311cd68d

  • SHA512

    aadb325ae855473e06e1b5b625ac16ec07e8a3ec16b0e9ef361606e3c6169b025271f98d7d4ca2c44c1ac7c4f212942175f23d8dcf0663897e7a24c4e24b7dc2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBDB/bSq:sxX7QnxrloE5dpUp0bV

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
