General

  • Target

    1797cf797dbfaecdf61be370c534e579c9d9c7809286bbda0acbb5db171c3d37.exe

  • Size

    2.6MB

  • Sample

    241113-r6kvbstkb1

  • MD5

    58fac8144632774f73a824c81071ed9c

  • SHA1

    5aac13bb29dc577d85645e7287f59caa870acead

  • SHA256

    1797cf797dbfaecdf61be370c534e579c9d9c7809286bbda0acbb5db171c3d37

  • SHA512

    f322d74fd3b81f3bfb996983a3b70f4a96f1508e7a7c2e27c109dfa7bac741325da76b1f34a3a1b22388f744a6e7130ae55fff7db03f06f4a0dabdf1a792f7bd

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bSy:sxX7QnxrloE5dpUp5b9
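The digests above are the sample's identifiers, and the most common way an analyst uses them is to sweep a host or a file share for the file. The following Python script is an added example, not part of the sandbox report: it computes MD5, SHA-1, SHA-256 and SHA-512 of every file under a directory in a single streaming pass and reports any file whose digest equals one of the report's hashes. The `REPORT_IOCS` values are copied from the report; the placeholder file written by `demo()` is constructed here and is not the malware, so it does not match.

```python
"""Hash-based IOC sweep for the sample described in this report.

Added example (not part of the original sandbox report). Walks a directory,
hashes each file with four algorithms in one pass, and reports any file whose
digest matches one of the report's IOCs.
"""
import hashlib
import os
import tempfile
from pathlib import Path

# Hashes copied from the report above (the sample's identifiers).
REPORT_IOCS = {
    "md5": "58fac8144632774f73a824c81071ed9c",
    "sha1": "5aac13bb29dc577d85645e7287f59caa870acead",
    "sha256": "1797cf797dbfaecdf61be370c534e579c9d9c7809286bbda0acbb5db171c3d37",
    "sha512": "f322d74fd3b81f3bfb996983a3b70f4a96f1508e7a7c2e27c109dfa7bac741325da76b1f34a3a1b22388f744a6e7130ae55fff7db03f06f4a0dabdf1a792f7bd",
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Digest an in-memory buffer with all four algorithms."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def hash_file(path, chunk_size=1 << 20) -> dict:
    """Compute all four digests in one pass; the file is read in chunks so size does not matter."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def matching_algorithms(digests: dict, iocs: dict = REPORT_IOCS) -> list:
    """Return the algorithms whose digest equals the IOC value (hex compared case-insensitively)."""
    return [alg for alg in ALGORITHMS
            if alg in iocs and alg in digests
            and digests[alg].lower() == iocs[alg].lower()]


def scan_directory(root, iocs: dict = REPORT_IOCS) -> list:
    """Walk `root` and return (path, matched_algorithms) for every file that hits an IOC."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digests = hash_file(path)
            except OSError:
                continue  # unreadable file: skip it rather than abort the whole sweep
            matched = matching_algorithms(digests, iocs)
            if matched:
                hits.append((path, matched))
    return hits


def demo() -> list:
    """Scan a directory holding one constructed, benign placeholder file; expect no hits."""
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed placeholder (an MZ header and padding), not the sample itself.
        Path(tmp, "not_the_sample.exe").write_bytes(b"MZ" + b"\x00" * 64)
        return scan_directory(tmp)


if __name__ == "__main__":
    hits = demo()
    if not hits:
        print("no IOC hits")
    for path, algs in hits:
        print(f"IOC hit: {path} ({', '.join(algs)})")
```

Point `scan_directory()` at a download folder, a temp directory or a mounted image to sweep it; a hit on any one algorithm is enough to confirm the file, and the other three digests guard against a collision-prone MD5 or SHA-1 being the only basis for the match.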

Malware Config

Targets

    • Target

      1797cf797dbfaecdf61be370c534e579c9d9c7809286bbda0acbb5db171c3d37.exe

    • Size

      2.6MB

    • MD5

      58fac8144632774f73a824c81071ed9c

    • SHA1

      5aac13bb29dc577d85645e7287f59caa870acead

    • SHA256

      1797cf797dbfaecdf61be370c534e579c9d9c7809286bbda0acbb5db171c3d37

    • SHA512

      f322d74fd3b81f3bfb996983a3b70f4a96f1508e7a7c2e27c109dfa7bac741325da76b1f34a3a1b22388f744a6e7130ae55fff7db03f06f4a0dabdf1a792f7bd

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB6B/bSy:sxX7QnxrloE5dpUp5b9

    • Drops startup file

      A file written into a Startup folder (per-user or all-users) is launched by Windows at the next logon, a common persistence technique.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data such as saved credentials, session cookies and autofill entries, which can be replayed to take over the victim's accounts.

    • Adds Run key to start application

      A value under a registry Run key (HKCU or HKLM Software\Microsoft\Windows\CurrentVersion\Run) makes Windows start the referenced program at every logon, another common persistence technique.

MITRE ATT&CK Enterprise v15

Tasks