General

  • Target

    da4d5a83fa322bff760d10fa6c3cdb9fcc2c68644993e60e4b22196c1e8c0803.exe

  • Size

    2.6MB

  • Sample

    241113-pm1ekasalh

  • MD5

    3eb04d520e326181301533952d8b9722

  • SHA1

    e054ddaf885a29bbb222131223c5f3b30b32bf8e

  • SHA256

    da4d5a83fa322bff760d10fa6c3cdb9fcc2c68644993e60e4b22196c1e8c0803

  • SHA512

    9d50a2a2a5fa658bed614d0c3335a501527f5da13c6b3c54ad6615267a4832e732528ad8fbd493c8d8b27c987411be5648d2de8d9a54749fa083c248fc917676

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBSB/bSqv:sxX7QnxrloE5dpUp9bVv
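The digests above are the report's indicators for this sample. The following is an added triage helper, not part of the sandbox report: it hashes a suspect file in one streaming pass and compares the result with the report's values. The only data taken from the page are the four digests in REPORT_IOCS; the function names and the command-line wrapper are this example's own design.

```python
"""Triage helper: hash a suspect file and compare it with the report's IOCs.

Added example, not part of the sandbox report. The only values taken from the
page are the four digests in REPORT_IOCS; everything else is assumed.
"""
import hashlib
import sys
from typing import Dict, Iterable, List

# Digests published in the report for the sample.
REPORT_IOCS: Dict[str, str] = {
    "md5": "3eb04d520e326181301533952d8b9722",
    "sha1": "e054ddaf885a29bbb222131223c5f3b30b32bf8e",
    "sha256": "da4d5a83fa322bff760d10fa6c3cdb9fcc2c68644993e60e4b22196c1e8c0803",
    "sha512": "9d50a2a2a5fa658bed614d0c3335a501527f5da13c6b3c54ad6615267a4832e732528ad8fbd493c8d8b27c987411be5648d2de8d9a54749fa083c248fc917676",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Compute all four digests in a single pass over the data."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for data already held in memory."""
    return hash_chunks([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream the file so a multi-megabyte sample is not read into memory at once."""
    def chunks():
        with open(path, "rb") as f:
            while True:
                block = f.read(chunk_size)
                if not block:
                    return
                yield block
    return hash_chunks(chunks())


def match_iocs(hashes: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> List[str]:
    """Return the algorithms whose digest equals the report's value.

    Comparison is case-insensitive because feeds publish digests in either case.
    A single match already identifies the same bytes; a partial match (say MD5
    only) would point to a collision or a transcription error and deserves a
    second look rather than an automatic verdict.
    """
    return sorted(
        alg for alg, digest in hashes.items()
        if alg in iocs and iocs[alg].lower() == digest.lower()
    )


if __name__ == "__main__":
    for path in sys.argv[1:]:
        digests = hash_file(path)
        matched = match_iocs(digests)
        verdict = "MATCHES report IOCs" if matched else "no match"
        print(f"{path}: sha256={digests['sha256']} -> {verdict} {matched}")
```

Run it as `python triage.py <file>`; a file that matches on every algorithm is byte-identical to the analysed sample, while a repacked or patched variant will miss on all of them and needs the SSDEEP value (not computed here) or behavioural indicators instead.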

Targets

    • Target

      da4d5a83fa322bff760d10fa6c3cdb9fcc2c68644993e60e4b22196c1e8c0803.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data such as saved credentials, cookies and session tokens, and autofill entries.

    • Adds Run key to start application
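The five signatures above correspond to host telemetry a defender can check for. As an added example, not a rule from the report or the sandbox, the Python below runs that detection logic over constructed events. Field names follow Sysmon (EventID 1 ProcessCreate, 7 ImageLoad, 11 FileCreate, 13 RegistryEvent SetValue) and Windows Security event 4663 (object access), with the 4663 process field normalised to "Image"; every path, PID and the SID is made up. Sysmon does not log file reads, so the browser-profile signature is matched against a 4663 record, which only exists if an audit SACL has been set on the browser's profile directory.

```python
"""Behavioural detection over host telemetry for the signatures listed above.

Added example, not the sandbox's own rules. Events are constructed; field
names follow Sysmon (1 ProcessCreate, 7 ImageLoad, 11 FileCreate,
13 RegistryEvent SetValue) and Windows Security 4663 (object access).
"""
import re
from collections import defaultdict
from typing import Dict, Iterable, List

# Constructed sample telemetry (assumed paths, PIDs and SID; not from the report).
SAMPLE = r"C:\Users\victim\Downloads\sample.exe"
SVC = r"C:\Users\victim\AppData\Local\Temp\svc.exe"
DLL = r"C:\Users\victim\AppData\Local\Temp\helper.dll"
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessId": 4100, "Image": SAMPLE, "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "ProcessId": 4100, "Image": SAMPLE, "TargetFilename": SVC},
    {"EventID": 11, "ProcessId": 4100, "Image": SAMPLE, "TargetFilename": DLL},
    {"EventID": 11, "ProcessId": 4100, "Image": SAMPLE,
     "TargetFilename": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"},
    {"EventID": 1, "ProcessId": 4200, "Image": SVC, "ParentImage": SAMPLE},
    {"EventID": 7, "ProcessId": 4200, "Image": SVC, "ImageLoaded": DLL},
    {"EventID": 13, "ProcessId": 4200, "Image": SVC,
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\svc",
     "Details": SVC},
    # Security 4663 record with its process field normalised to "Image".
    {"EventID": 4663, "ProcessId": 4200, "Image": SVC,
     "ObjectName": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # Benign noise that must not trigger anything.
    {"EventID": 1, "ProcessId": 5000, "Image": r"C:\Windows\System32\notepad.exe", "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 7, "ProcessId": 5000, "Image": r"C:\Windows\System32\notepad.exe", "ImageLoaded": r"C:\Windows\System32\kernel32.dll"},
]

RUN_KEY_RE = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
# Chromium credential/cookie stores and Firefox's password database.
BROWSER_DATA_RE = re.compile(r"\\(Login Data|Web Data|Cookies|logins\.json|key4\.db)$", re.IGNORECASE)


def analyse(events: Iterable[dict]) -> Dict[str, List[str]]:
    """Map each fired signature to the sorted list of images responsible.

    "Dropped" means the path was seen in an earlier FileCreate (EventID 11) in
    this stream, so a later ProcessCreate/ImageLoad of that path is the malware
    running or loading its own payload rather than a pre-existing binary.
    """
    dropped: Dict[str, str] = {}            # lower-cased path -> writer image
    hits: Dict[str, set] = defaultdict(set)
    for ev in events:
        eid, image = ev["EventID"], ev.get("Image", "")
        if eid == 11:
            target = ev["TargetFilename"]
            dropped[target.lower()] = image
            if STARTUP_DIR_RE.search(target):
                hits["Drops startup file"].add(image)
        elif eid == 1 and image.lower() in dropped:
            hits["Executes dropped EXE"].add(image)
        elif eid == 7 and ev["ImageLoaded"].lower() in dropped:
            hits["Loads dropped DLL"].add(image)
        elif eid == 13 and RUN_KEY_RE.search(ev["TargetObject"]):
            hits["Adds Run key to start application"].add(image)
        elif eid == 4663 and BROWSER_DATA_RE.search(ev["ObjectName"]):
            hits["Reads user/profile data of web browsers"].add(image)
    return {sig: sorted(imgs) for sig, imgs in hits.items()}


if __name__ == "__main__":
    for sig, images in analyse(SAMPLE_EVENTS).items():
        print(f"{sig}: {', '.join(images)}")
```

The "dropped" correlation relies on event order within one stream; on real telemetry key the `dropped` table by host and bound it to a time window, otherwise a legitimate installer's writes will later make its own binaries look like dropped payloads. A Run key write or a Startup-folder drop on its own is common for benign software, so treat those two as strong only when they co-occur with the dropped-file chain shown here.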
