General

  • Target

    18f03a06fe27c4a5bbe2736fa62ace2850e153f9b67635b10d7d532359d6813c.exe

  • Size

    2.6MB

  • Sample

    241112-wrrfsaybja

  • MD5

    3f84cd98491665914bc142ed74bb56de

  • SHA1

    49016d3dac2d29fcbd8027e8428143cabe1cc46c

  • SHA256

    18f03a06fe27c4a5bbe2736fa62ace2850e153f9b67635b10d7d532359d6813c

  • SHA512

    f0aaa8c9265c82a430ff2b924b9bea325f797a9f86d04ca6f5c99ae5a066b731f9ed594b1f6142a5d815793b3b96c8bbbb851bee66d37d2973bcfe8b8250f2cc

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bSql:sxX7QnxrloE5dpUp5bVl

Malware Config

Targets

    • Target

      18f03a06fe27c4a5bbe2736fa62ace2850e153f9b67635b10d7d532359d6813c.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks