General

  • Target

    7f51fb3a19de4b1ff7b9ade65da49f0e4fd23124b8e7c2b5f266a3eb1ba4d276N.exe

  • Size

    2.6MB

  • Sample

    241112-wkwrxsxhrq

  • MD5

    ca416be19ecb2a9c484d44ae10424460

  • SHA1

    deba95ae6e926a92f69a0e9dd30ced5aebfce034

  • SHA256

    7f51fb3a19de4b1ff7b9ade65da49f0e4fd23124b8e7c2b5f266a3eb1ba4d276

  • SHA512

    eaa386f61fcde661ddcf39c6a588a2f38a5ecb91f8d7037220ce4dfdac6b2812fddceccee9f599e5a6e827fba66ee2435e85830346ea2fb80e32b12b3a2ad3ec

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBSB/bS:sxX7QnxrloE5dpUpxb

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
