General

  • Target

    842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe

  • Size

    215KB

  • Sample

    241113-rrnbxawrgp

  • MD5

    cbd59de7e431f0b273941a60e0f18d40

  • SHA1

    67ac09f9f9512f2c337ce1615c341d1b2f4856c4

  • SHA256

    842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9

  • SHA512

    51a28e45bacd18c6e7b59cc44b9c54eb08cf4395e7a0e3d7f3d3ef519bd5518b3c15d63de1710d46b1ac5fb81ef4ae500b50f704a00cf806c0ecc46c4583aeda

  • SSDEEP

    6144:uVtV0QPQCnSQsTEWYChnUnPJuHC3vcWYz:ubVQk1wnGACvc/

Malware Config

Targets

    • Target

      842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9.exe

    • Size

      215KB

    • MD5

      cbd59de7e431f0b273941a60e0f18d40

    • SHA1

      67ac09f9f9512f2c337ce1615c341d1b2f4856c4

    • SHA256

      842013367eac731dc484f8402d0a04333447c4bab5a391424fbef3f38fea91b9

    • SHA512

      51a28e45bacd18c6e7b59cc44b9c54eb08cf4395e7a0e3d7f3d3ef519bd5518b3c15d63de1710d46b1ac5fb81ef4ae500b50f704a00cf806c0ecc46c4583aeda

    • SSDEEP

      6144:uVtV0QPQCnSQsTEWYChnUnPJuHC3vcWYz:ubVQk1wnGACvc/

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks