General

  • Target

    81ef1480021e456290fd9eff8981aa4e518c59a13641e547187350113039d821N.exe

  • Size

    2.6MB

  • Sample

    241113-pzh12svram

  • MD5

    5f72c6218a50f4df9a073be33e34c1e0

  • SHA1

    fe793c1c608eba92b8211447e36e197eaedc5435

  • SHA256

    81ef1480021e456290fd9eff8981aa4e518c59a13641e547187350113039d821

  • SHA512

    57859c7e6cdfe582dfe676e70ad981cb3154c0179ffd520e3f557b2df78f6ade3fc84835798f73d27143f24c616533105057404cfb390f96b1300e2cdd1c9ad3

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bSq:sxX7QnxrloE5dpUpxbV

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks