General

  • Target

    2cf8d95138dbc1f34e5f0d2b34e9f651c509d550f63232354dfbe3781c0dc05fN.exe

  • Size

    2.6MB

  • Sample

    241113-qm7djssemd

  • MD5

    aae815e229700464910217dc5add0a60

  • SHA1

    e17b32962dba0ce9935272162e27d9c44c851970

  • SHA256

    2cf8d95138dbc1f34e5f0d2b34e9f651c509d550f63232354dfbe3781c0dc05f

  • SHA512

    9557b70df271785cd10c3c2ae19f73266c3a23596e2277e04a437c5177ff35b27366d502314ed0e72dbf7d22b50fc9cda404c8a1f5a88d118a52c37dea13d81d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBeB/bS:sxX7QnxrloE5dpUp5b

Targets

    • Target

      2cf8d95138dbc1f34e5f0d2b34e9f651c509d550f63232354dfbe3781c0dc05fN.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials among other profile data.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
