General

  • Target

    a6c5104ad7fd157e9679accc1d81c3b8ec25bab79a077e852b7bdfbe804fb619

  • Size

    2.6MB

  • Sample

    241113-p5386ssclh

  • MD5

    cc762127c1f615e6ccd3d97d07028370

  • SHA1

    805f371aaf28ef5238db456089f0c8b2f3af07a8

  • SHA256

    a6c5104ad7fd157e9679accc1d81c3b8ec25bab79a077e852b7bdfbe804fb619

  • SHA512

    c878956652911cd3e4926e88d46542a00c954082e4d5f958f8d33f7d2bfb2cf5b83d93b61a55922cae94597a9b7d9c09fb314263e4fb93f3f7815fc99f90814a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBtB/bS:sxX7QnxrloE5dpUpKb
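The hashes above identify the sample. The following script, added here as an example (it is not part of the sandbox report or its tooling), recomputes them for a local file and reports which of the listed digests match. It uses only the Python standard library, so the SSDEEP fuzzy hash, which needs the external ssdeep package, is left out; the values in REPORTED are copied from the General section above, and the script name used in the usage note is an assumption.

```python
"""Recompute the report's digests for a local file and compare them.

Added example, not part of the sandbox report. REPORTED holds the values
printed in the General section; everything else is standard-library code.
"""
import hashlib
import sys

# Digests as printed in the report's General section.
REPORTED = {
    "md5": "cc762127c1f615e6ccd3d97d07028370",
    "sha1": "805f371aaf28ef5238db456089f0c8b2f3af07a8",
    "sha256": "a6c5104ad7fd157e9679accc1d81c3b8ec25bab79a077e852b7bdfbe804fb619",
    "sha512": "c878956652911cd3e4926e88d46542a00c954082e4d5f958f8d33f7d2bfb2cf5"
              "b83d93b61a55922cae94597a9b7d9c09fb314263e4fb93f3f7815fc99f90814a",
}


def digest_bytes(data: bytes) -> dict:
    """Digest an in-memory buffer with every algorithm listed in REPORTED."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Digest a file in chunks so a large sample is not read into memory at once."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(computed: dict, reported: dict = REPORTED) -> dict:
    """Return {algorithm: True/False} for each algorithm in `reported`.

    Hex case differs between tools and reports, so compare case-insensitively.
    An algorithm missing from `computed` counts as a mismatch.
    """
    return {
        name: computed.get(name, "").lower() == value.lower()
        for name, value in reported.items()
    }


def check_sample(computed: dict, reported: dict = REPORTED) -> tuple:
    """Return (ok, mismatched); ok is True only if every listed digest matches.

    Requiring all of them, not just MD5, matters: MD5 and SHA-1 are
    collision-prone, so a file that matches MD5 but not SHA-256 is not the
    reported sample, while a SHA-256 match with an MD5 mismatch points at a
    transcription error in the report rather than at the file.
    """
    results = compare(computed, reported)
    mismatched = sorted(name for name, ok in results.items() if not ok)
    return (not mismatched, mismatched)


if __name__ == "__main__":
    ok, mismatched = check_sample(digest_file(sys.argv[1]))
    print("match" if ok else "MISMATCH on: " + ", ".join(mismatched))
```

Run it as `python verify_sample.py <path>` (the file name is an assumption). A file is accepted only when every listed digest matches; the mismatched list tells you whether you have a different file (SHA-256 differs) or the report carries a mistyped older hash (only MD5 or SHA-1 differs).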

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
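The five signatures above are what the sandbox inferred from the sample's file, registry and process activity. The script below, added here as an example and not part of the sandbox or its signature engine, shows the kind of evidence each one rests on by matching events against the paths these behaviours leave behind: Run/RunOnce keys, the Startup folder, Chromium and Firefox profile files, and execution or loading of files the sample itself wrote. The event schema and the sample trace are constructed for the example; a real sandbox export uses its own format.

```python
"""Match constructed sandbox events to the behaviour signatures in the report.

Added example, not part of the sandbox report. The event schema (a list of
{"op": ..., "path": ...} dicts) and the sample events are constructed here.
"""
import re

# Logon autostart locations behind "Adds Run key to start application".
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\",
    re.IGNORECASE,
)
# Per-user and all-users Startup folders behind "Drops startup file".
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\StartUp\\", re.IGNORECASE)
# Chromium and Firefox profile files behind "Reads user/profile data of web browsers".
BROWSER_DATA_RE = re.compile(
    r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)


def match_signatures(events):
    """Return the set of report signatures supported by `events`.

    Events are processed in order: "Executes dropped EXE" and "Loads dropped
    DLL" only fire for a path the sample wrote earlier in the same trace.
    """
    dropped = set()
    hits = set()
    for ev in events:
        op, path = ev["op"], ev["path"]
        key = path.lower()
        if op == "FileWrite":
            if key.endswith((".exe", ".dll")):
                dropped.add(key)
            if STARTUP_DIR_RE.search(path):
                hits.add("Drops startup file")
        elif op == "CreateProcess" and key in dropped:
            hits.add("Executes dropped EXE")
        elif op == "LoadImage" and key in dropped and key.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif op == "RegSetValue" and RUN_KEY_RE.search(path):
            hits.add("Adds Run key to start application")
        elif op == "FileRead" and BROWSER_DATA_RE.search(path):
            hits.add("Reads user/profile data of web browsers")
    return hits


# Constructed trace; paths are illustrative, not taken from the report.
SAMPLE_EVENTS = [
    {"op": "FileWrite", "path": r"C:\Users\victim\AppData\Roaming\svc\loader.exe"},
    {"op": "FileWrite", "path": r"C:\Users\victim\AppData\Roaming\svc\helper.dll"},
    {"op": "FileWrite", "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows"
                                r"\Start Menu\Programs\Startup\svc.lnk"},
    {"op": "CreateProcess", "path": r"C:\Users\victim\AppData\Roaming\svc\loader.exe"},
    {"op": "LoadImage", "path": r"C:\Users\victim\AppData\Roaming\svc\helper.dll"},
    {"op": "LoadImage", "path": r"C:\Windows\System32\kernel32.dll"},
    {"op": "RegSetValue",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc"},
    {"op": "FileRead",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
]

if __name__ == "__main__":
    for sig in sorted(match_signatures(SAMPLE_EVENTS)):
        print(sig)
```

The dropped-file signatures depend on event order: the write to loader.exe must precede its execution for "Executes dropped EXE" to fire, which is also why a sandbox that only records the final file-system state cannot produce them. Loading a system DLL such as kernel32.dll is deliberately not flagged, since only files the sample wrote count as dropped.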

MITRE ATT&CK Enterprise v15

Tasks