General

  • Target

    0284eb592d1321a81f75d6537e5687e343e114e4584f575904ec1ca25d172761

  • Size

    2.6MB

  • Sample

    241112-xvaswasleq

  • MD5

    8b60a81f1c60b41bea50faff6eac9655

  • SHA1

    fe25d090111b9e7ce2c3f4cbaf12f69d8243fcec

  • SHA256

    0284eb592d1321a81f75d6537e5687e343e114e4584f575904ec1ca25d172761

  • SHA512

    464468205a73ee96870d3f0ebb6cc67d4605e7a9196e49cdfde1dd14b815acc7bc5c9bf8343bf8746e4df13475e3869224c26c0a73f146b304304c1256c12c9c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBXB/bS:sxX7QnxrloE5dpUp4b

Targets

    • Target

      0284eb592d1321a81f75d6537e5687e343e114e4584f575904ec1ca25d172761

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
