General

  • Target

    68bf80a67dab7607db3fd1b774f4335626ea912b9ef1c4a1656c6b6bc9b1966c.exe

  • Size

    3.0MB

  • Sample

    241113-rs3g8atepm

  • MD5

    c25e2b1a50412095e597bd23c4800405

  • SHA1

    ea67fd0d46376a65f3d4766b97df18ab1c8d1f10

  • SHA256

    68bf80a67dab7607db3fd1b774f4335626ea912b9ef1c4a1656c6b6bc9b1966c

  • SHA512

    15412961d605d32f9f8d5d0b69b6e239801e4be69d9f63d542ec690f2023a0f88596e1a217aecdf64a24810f9105a5dd383a0e45d52f6b20c1c3d8cd0f4dbac2

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBfB/bSqz8b6LNXR:sxX7QnxrloE5dpUp0bVz8eLFR

Targets

    • Target

      68bf80a67dab7607db3fd1b774f4335626ea912b9ef1c4a1656c6b6bc9b1966c.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application
