General

  • Target

    9c79e106d4645d6640a3e1d42d73e5d8de284e94087adf29602e74321a531dd4.exe

  • Size

    4.1MB

  • Sample

    241113-qahvesvrhp

  • MD5

    5b290a214447f20d24ae1c84bc21e857

  • SHA1

    3ef615f36542ee89069f6e3a8bc1f074add41e4f

  • SHA256

    9c79e106d4645d6640a3e1d42d73e5d8de284e94087adf29602e74321a531dd4

  • SHA512

    9b0776d61a962bf8b856d7248188b50a1daeb864ea88f130a51d02799e2a8f31d6e039ffbb1339352192e7ea8f2530d8d75e6d58bcf3136e2307cefd1df44bcc

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBAB/bSqz8b6LNXJqI20tK:sxX7QnxrloE5dpUp7bVz8eLFczR

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other sensitive information.

    • Adds Run key to start application
