General

  • Target

    d31287425fc73894bfae3f41a41dce8fdaecd0f1bbb3f2513932ea3d0c18bd14.exe

  • Size

    2.6MB

  • Sample

    241112-wgyr4sxhpf

  • MD5

    3ab2e8264b5198752d939d674a64c061

  • SHA1

    4ee0eb4979dfc367c68eb381a90920b4c30b2261

  • SHA256

    d31287425fc73894bfae3f41a41dce8fdaecd0f1bbb3f2513932ea3d0c18bd14

  • SHA512

    c568704500526af95c3b17ebf52650fe29bec63ebd0826b2d7bd64f0825b73bbb3e2f0ca7005dd0b15b45d14c8f28c2997ba0f8a18eeadb648e9d115b9e24087

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBZB/bSqH:sxX7QnxrloE5dpUpebVH

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and other session material.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks