General

  • Target

    a09d2dbba6427184a1328c6c241782152ee033332af3c959dfc58a4520ea9d51.exe

  • Size

    2.6MB

  • Sample

    241112-wspnks1mhq

  • MD5

    a08d61df4361b9112dbe74e876f76818

  • SHA1

    0ba987719a21d9635cee79cfd0ce84a3c7683a0b

  • SHA256

    a09d2dbba6427184a1328c6c241782152ee033332af3c959dfc58a4520ea9d51

  • SHA512

    2220cac713bdebdee42975a4d6bdbc66824f07759e1b7ca9a71b6ba425d93f212523e905baade0e36ba0181316b15c3463aecbf4ed3e39032a059a544c754428

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB8B/bSqt:sxX7QnxrloE5dpUpPbVt

Targets

    • Target

      a09d2dbba6427184a1328c6c241782152ee033332af3c959dfc58a4520ea9d51.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
