General

  • Target

    64ce856b6241c0a659537994e6f5404db31a65568a39c40549bd6afcc77e44a9.exe

  • Size

    2.6MB

  • Sample

    241113-p9qhwascpd

  • MD5

    26ba2430c9de6bf3a37949b011009158

  • SHA1

    5bc36e4b06ad717ab2c1b85cfd90c94ffe766691

  • SHA256

    64ce856b6241c0a659537994e6f5404db31a65568a39c40549bd6afcc77e44a9

  • SHA512

    53d6458d1c48b39d895a50cd1018fa1ffb1c4a410c837271d7dfe177cf303a6dc1fe34cfb09016abc0a1048f9a00dce4597080868e8b54ff4d5207138d71860c

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bSi:sxX7QnxrloE5dpUp+bt

Targets

    • Target

      64ce856b6241c0a659537994e6f5404db31a65568a39c40549bd6afcc77e44a9.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
