General

  • Target

    78ce28628a00a814e030e59e3e8998f80199297955c11a6ee9327f261e4cf311N.exe

  • Size

    2.6MB

  • Sample

    241112-wtbs4sybld

  • MD5

    6a1082924f34f7609c47cbfca0f3f5f0

  • SHA1

    135d50a2150dad1c2ecb9ede7a47d2c2bc9ad091

  • SHA256

    78ce28628a00a814e030e59e3e8998f80199297955c11a6ee9327f261e4cf311

  • SHA512

    da95c8b159df8ba884ea1b833385445bee83481f1b6cfe09a10bf7f4c2ab3efc74543572ebf322b00d80e3dc436c294b0217f91c6b8475add7afeba8b5efdfcf

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBiB/bS:sxX7QnxrloE5dpUpBb

Malware Config

Targets

    • Target

      78ce28628a00a814e030e59e3e8998f80199297955c11a6ee9327f261e4cf311N.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other sensitive data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks