General

  • Target

    81f4ecdd32eec8ba919dba14887eed1199c03ea3cbcf5206613f4d2a8cc3b78eN.exe

  • Size

    2.6MB

  • Sample

    241113-qcdy9awjbr

  • MD5

    502c3af411ca4aca5ac7e2f01eb91360

  • SHA1

    6ac3fec0181598e609b1303871a0518aa3734f4d

  • SHA256

    81f4ecdd32eec8ba919dba14887eed1199c03ea3cbcf5206613f4d2a8cc3b78e

  • SHA512

    aeb61c9af10945bf1ac965cc5b194e49c6116200b1a403cef1e05796954b1e514dee4676b6745e10bf0181715dd476c872713840046347b97f3919179d37405a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBMB/bSq:sxX7QnxrloE5dpUpPbV

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application
