General

  • Target

    4733d45c774722a13bdb352a37c23892ec18b994513fcb7ab79d7afae39d6193.exe

  • Size

    2.6MB

  • Sample

    241113-r8k8wathjm

  • MD5

    427fc6612d1ff80d24e913121327abaa

  • SHA1

    bf4b423d2b08abcad25c595ec22d18b7730f3e42

  • SHA256

    4733d45c774722a13bdb352a37c23892ec18b994513fcb7ab79d7afae39d6193

  • SHA512

    f86725819c481c429bc0ba047f15a9c05eadb81efe6a29c18dfff5e54516b6f5a0751e1cf9fb5f9bc630512f62048b4b6ae1981e4c2bd7800fa87299f6424d38

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBPB/bSm:sxX7QnxrloE5dpUpMbf

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks