General

  • Target: 6849d45649108e84368229173f43fec5f2d307e44747c9aa35c8e82e75818002N.exe

  • Size: 2.6MB

  • Sample: 241113-pz8ayavrbp

  • MD5: cdd9481cde98076ee9f494354a620be0

  • SHA1: cccf17c750fa0ea1111539b5fe90ea71428942e8

  • SHA256: 6849d45649108e84368229173f43fec5f2d307e44747c9aa35c8e82e75818002

  • SHA512: 64b7801f35d68a39be5364337a13a219ad346c70237c9c3e00668dd44c072c5eec8b2954b2ef13f78223d1778a94559e22487225e213dd86430927ba4c9ac829

  • SSDEEP: 49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bS:sxX7QnxrloE5dpUpMb

Malware Config

Targets

    • Target: 6849d45649108e84368229173f43fec5f2d307e44747c9aa35c8e82e75818002N.exe


    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks