General

  • Target

    027cc196776b48d173b3f21857954a9544a58ad2ad96d835ce2eb22b6c2e2574

  • Size

    2.6MB

  • Sample

    241112-xt65paslen

  • MD5

    4e85fa2c32b3a6473ab35cfa89f5bc03

  • SHA1

    941679ad1690371284f9b02c5ae6b0d2b7bcfcb0

  • SHA256

    027cc196776b48d173b3f21857954a9544a58ad2ad96d835ce2eb22b6c2e2574

  • SHA512

    7fda6531a03c8fd96bb21e425d554b334f0e81a7fe4cc2ef7f6b3fcd0e34a073f417d7cd373d640c7bca51cbe3b3dafe2010ff33dafdf6c1054ec7725efee9ab

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBNB/bS:sxX7QnxrloE5dpUpGb
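The cryptographic hashes above are the indicators a responder actually pivots on, so the first thing to do with a suspect file is compute the same four digests and compare. The following script is an added example (not part of the sandbox report); the indicator values are copied from the report, and it reads the file once while feeding all four hashers. The SSDEEP fuzzy hash is deliberately left out because it needs a third-party library rather than `hashlib`; a partial match across algorithms is flagged as an inconsistency, since a genuine sample agrees on all of them.

```python
import hashlib
import sys

# Indicators copied verbatim from the report above (hex, lowercase).
IOCS = {
    "md5": "4e85fa2c32b3a6473ab35cfa89f5bc03",
    "sha1": "941679ad1690371284f9b02c5ae6b0d2b7bcfcb0",
    "sha256": "027cc196776b48d173b3f21857954a9544a58ad2ad96d835ce2eb22b6c2e2574",
    "sha512": "7fda6531a03c8fd96bb21e425d554b334f0e81a7fe4cc2ef7f6b3fcd0e34a073"
              "f417d7cd373d640c7bca51cbe3b3dafe2010ff33dafdf6c1054ec7725efee9ab",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Compute all four digests of an in-memory blob (used here for small constructed inputs)."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file once through all four hashers, so a multi-megabyte sample is read a single time."""
    hashers = {algo: hashlib.new(algo) for algo in ALGORITHMS}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {algo: h.hexdigest() for algo, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = IOCS) -> list:
    """Return the algorithms on which `digests` equals the report's indicators (case-insensitive hex)."""
    return [algo for algo in ALGORITHMS if digests.get(algo, "").lower() == iocs[algo].lower()]


def consistent(digests: dict, iocs: dict = IOCS) -> bool:
    """All four agree or none do; anything in between means a mistyped or truncated indicator."""
    return len(match_iocs(digests, iocs)) in (0, len(ALGORITHMS))


if __name__ == "__main__":
    # Usage: python ioc_hash.py <file> [<file> ...]
    for path in sys.argv[1:]:
        d = digest_file(path)
        hits = match_iocs(d)
        if not consistent(d):
            print(f"{path}: WARNING partial indicator match {hits}, check the indicator list")
        print(f"{path}: sha256={d['sha256']} matched={hits or 'none'}")
```

Because the report's "Target" field is itself the SHA256, a match on that algorithm alone is already conclusive; MD5 and SHA1 are kept only because many older feeds still key on them.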

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application
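"Drops startup file" and "Adds Run key to start application" are the two autostart paths of ATT&CK T1547.001 (Registry Run Keys / Startup Folder). The script below is an added example, not part of the report: it runs over constructed Sysmon-style records (Event ID 13, registry value set; Event ID 11, file create) and flags writes to Run/RunOnce values and Startup folders, marking an entry as suspicious when the autostart payload, or the process that planted it, lives in a user-writable location. The event records and paths are made up for the example; the field names follow Sysmon's.

```python
import re

# Values written under a per-user (HKU) or machine-wide (HKLM) Run / RunOnce key.
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)
# Files created in a per-user or All Users Startup folder.
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\[^\\]+$", re.IGNORECASE)
# Locations an unprivileged user can write to; an autostart pointing here deserves a look.
USER_WRITABLE_RE = re.compile(
    r"^[A-Z]:\\(Users\\[^\\]+\\AppData\\|ProgramData\\|Windows\\Temp\\)", re.IGNORECASE
)


def command_path(details: str) -> str:
    """Pull the executable out of a Run-key value such as '"C:\\x\\y.exe" /flag' or 'C:\\x\\y.exe'."""
    details = details.strip()
    if details.startswith('"'):
        return details[1:].split('"', 1)[0]
    return details.split(" ", 1)[0]


def flag_autostart(events: list) -> list:
    """Return one finding per autostart write: Run key value set (EID 13) or Startup folder file (EID 11)."""
    hits = []
    for ev in events:
        if ev["EventID"] == 13 and RUN_KEY_RE.search(ev["TargetObject"]):
            payload = command_path(ev["Details"])
            hits.append({
                "technique": "T1547.001 Run key",
                "image": ev["Image"],
                "where": ev["TargetObject"],
                "payload": payload,
                # The thing that will run at logon sits in a user-writable directory.
                "suspicious": bool(USER_WRITABLE_RE.match(payload)),
            })
        elif ev["EventID"] == 11 and STARTUP_RE.search(ev["TargetFilename"]):
            hits.append({
                "technique": "T1547.001 Startup folder",
                "image": ev["Image"],
                "where": ev["TargetFilename"],
                "payload": ev["TargetFilename"],
                # The writer itself runs from a user-writable directory (dropper behaviour).
                "suspicious": bool(USER_WRITABLE_RE.match(ev["Image"])),
            })
    return hits


# Constructed sample events (not from the report): a dropper persisting twice, plus two benign writes.
SAMPLE_EVENTS = [
    {"EventID": 13, "Image": r"C:\Users\alice\AppData\Local\Temp\dropper.exe",
     "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Users\alice\AppData\Roaming\Updater\updater.exe" /silent'},
    {"EventID": 11, "Image": r"C:\Users\alice\AppData\Local\Temp\dropper.exe",
     "TargetFilename": r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk"},
    {"EventID": 13, "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": r"HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect",
     "Details": "DWORD (0x00000001)"},
    {"EventID": 13, "Image": r"C:\Program Files\Vendor\setup.exe",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\VendorTray",
     "Details": r'"C:\Program Files\Vendor\tray.exe"'},
]

if __name__ == "__main__":
    for hit in flag_autostart(SAMPLE_EVENTS):
        flag = "SUSPICIOUS" if hit["suspicious"] else "review"
        print(f"[{flag}] {hit['technique']}: {hit['image']} -> {hit['payload']}")
```

In practice the events come from Winlogbeat or a SIEM export rather than a literal list; the regexes are the part worth reusing, and the `suspicious` heuristic is a triage aid, not a verdict, since legitimate per-user installers also write to AppData.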

MITRE ATT&CK Enterprise v15
