General

  • Target

    010279c66200950fffb1632ca2f7b690871d081a91b885a8f90ac74fd7606c6bN.exe

  • Size

    2.6MB

  • Sample

    241112-wxc6caycjj

  • MD5

    ca2885eedb6fc1470c5f0971bdd8e6d0

  • SHA1

    d61907f9e3408d200165fcf5f6cafc5b569e9dd6

  • SHA256

    010279c66200950fffb1632ca2f7b690871d081a91b885a8f90ac74fd7606c6b

  • SHA512

    95ee5edad3ebedafb680076c37f5881971ec7ebd2bb8d90ba110f995725090d62fdca5ef324b8c596a3d664f2391a623afd53c6359637d886a5d3c4fedd6ab68

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bSq:sxX7QnxrloE5dpUpWbV

Malware Config

Targets

    • Target

      010279c66200950fffb1632ca2f7b690871d081a91b885a8f90ac74fd7606c6bN.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks