General

  • Target

    ЯбраузерSetup.exe

  • Size

    104.9MB

  • Sample

    241112-xtklpaygre

  • MD5

    4b83cf7f4fec2c1cb3b66221eae4745f

  • SHA1

    b2d1c4c02201f1ab1cba8c48f641e3f2294868df

  • SHA256

    55754f890d560d8b352dfb58d1cbc27b9afac129b25e5828b0c5b99e151f9038

  • SHA512

    802c87970a017c8412e932edfa2adddac1a97c2e0ca37a89e1b7a215c98dbf2f4a8b5cb7592e0e9e4324398d634fa1159d3ea3169d5b7786af8d387a790cfa3e

  • SSDEEP

    1572864:vuf/OcibswtiDDumBsE0jLKuSRpeDB1/gF9AJ4jH5FQRDeJnstmUfySiEiO2pI5f:vcbibswYGJxuetGIp2EWI5s9a

Score
7/10

Malware Config

Targets

    • Target

      ЯбраузерSetup.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

MITRE ATT&CK Enterprise v15

Tasks