General

  • Target

    359692fc0cb2cdc1f2380f0607316766b76babb2ca1f1e51ffd31e9d35295c62

  • Size

    2.6MB

  • Sample

    241112-whl5ps1len

  • MD5

    9dd80379ab23a396f8f3546c99314e80

  • SHA1

    1da5b41b4b7bab3ce3fd4a197ae61837bf758536

  • SHA256

    359692fc0cb2cdc1f2380f0607316766b76babb2ca1f1e51ffd31e9d35295c62

  • SHA512

    ea38808b004fec7cc43b1391064796f7e1741ea219ce13a26b53c554c15f5d10b1e461d5fc3b061d9d2f980b981c6ecfc74fc642a3ac99f2a7cc449c19a0afb5

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBsB/bS:sxX7QnxrloE5dpUpDb

Targets

    • Target

      359692fc0cb2cdc1f2380f0607316766b76babb2ca1f1e51ffd31e9d35295c62

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
