General

  • Target

    6c64d9b3bbef6f603db593323174a7b09ca376a7d16f7b2784a2e7d59fe1cf17.exe

  • Size

    2.6MB

  • Sample

    241112-vz4weawnaw

  • MD5

    5d3be743178ad000e65101946879fd7e

  • SHA1

    c2b5355a89c97c537a710b545a8d325cfc83dbb4

  • SHA256

    6c64d9b3bbef6f603db593323174a7b09ca376a7d16f7b2784a2e7d59fe1cf17

  • SHA512

    e1e30ffe84cb1315f940b0ee98263ec9267e5c862dca0bcf1dac08811c7418ca375bc26fb3a536d0e7438fafb4dc194d56dab68b290b8e788bfe3791c94979a4

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBfB/bSW:sxX7QnxrloE5dpUpwbn

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
