General

  • Target

    e8e4cefd17bfbd829d9c93f4b2cfa2b6fd04582eb994e58f15f2e1a5cf9e30c4N.exe

  • Size

    2.6MB

  • Sample

    241113-p4v66svrdq

  • MD5

    fb6f40000a49372f0572bcb65d7cdd90

  • SHA1

    0b8369170e6feae4e1f1bec4da8d8fe99d82b34b

  • SHA256

    e8e4cefd17bfbd829d9c93f4b2cfa2b6fd04582eb994e58f15f2e1a5cf9e30c4

  • SHA512

    bf1d91d5e8bac67233a8363e5c4541c5ee834a51544ad96a6f2d081cc0e68beac4186bd96ddac53a83ba5f27a66e66617d4401c0e728c10ed24c3dc7ce570e49

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBHB/bS:sxX7QnxrloE5dpUpAb

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks