General

  • Target

    0f9f308e834d8729d50daf418215d3951a4469bfa8bbc71a7679c82d65650d32.exe

  • Size

    2.6MB

  • Sample

    241112-v6qx5axgkb

  • MD5

    fdfa163cde0adcd42520d49c8b1eaaa0

  • SHA1

    d5c33f00071f245faee71367e3d58d961ff7f55a

  • SHA256

    0f9f308e834d8729d50daf418215d3951a4469bfa8bbc71a7679c82d65650d32

  • SHA512

    ace15a81d255a4b2d6df4d7f2382b0080fb5575b3d713f873717fcd29fcff738615bd204f9c89b0c4567b2d709fa007c39d802de455f3805e0af32e5921d9b01

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBYB/bSm:sxX7QnxrloE5dpUp3bn

Malware Config

Targets

    • Target

      0f9f308e834d8729d50daf418215d3951a4469bfa8bbc71a7679c82d65650d32.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks