General

  • Target

    f906cfc9549fcde96849fc89abf5700f647fd7427077735d0747f9b3948d2f58.exe

  • Size

    2.6MB

  • Sample

    241112-wamfhawphy

  • MD5

    0381f5469868c56d4b301fc63c832614

  • SHA1

    1508ba5e7cc91f1abcaf6613d441dd0305dccf00

  • SHA256

    f906cfc9549fcde96849fc89abf5700f647fd7427077735d0747f9b3948d2f58

  • SHA512

    1a8214231b709f6c1369f16b782a805cc684b0547e8973a0701f3e990162d136b8d9abb1e352d0a7454954f981e662d4b17d9a3f24b7a11720718f615935ee04

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBQB/bSy:sxX7QnxrloE5dpUpLbd

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application
