General

  • Target

    9a6259fd647fd19194a38bfbf342bcc9379e31c68d75303d6cc9d7a10a4aaf94N.exe

  • Size

    2.6MB

  • Sample

    241112-wnggeayamr

  • MD5

    4f4b30c85bc5c1862b6d4ee2b966b060

  • SHA1

    13f1dbe9db79a8b184f0be47d13ec172937c09b9

  • SHA256

    9a6259fd647fd19194a38bfbf342bcc9379e31c68d75303d6cc9d7a10a4aaf94

  • SHA512

    0693dba930ec92503a8e65314aefb0e1273ee5848817f0ed814f15e8f5611b4a50549012bc09de588e5c54a3e8e82e8566b946800db9887b94fe36cf11de2e0c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBjB/bS:sxX7QnxrloE5dpUpgb

Targets

    • Target

      9a6259fd647fd19194a38bfbf342bcc9379e31c68d75303d6cc9d7a10a4aaf94N.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
