General

  • Target

    8f986c813cabfd3f828548b42676a95d8a321fc00d70e1de2728ee79b9528cac.exe

  • Size

    2.6MB

  • Sample

    241113-rtnepateql

  • MD5

    1126405e817bccee40e524794bfb87f2

  • SHA1

    3f5bd9ad93c169ba6b428da65e6e04d22c4ea791

  • SHA256

    8f986c813cabfd3f828548b42676a95d8a321fc00d70e1de2728ee79b9528cac

  • SHA512

    d9120c23546f49457b775ee62008cf8619f8aedd763e20ccbe2553addbb66fb652b7f2ce56011e7b3a941838e6c3d8ff64813d3fff3efa7e0a5f98952b4d7288

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBUB/bSS:sxX7QnxrloE5dpUpfbd

Malware Config

Targets

    • Target

      8f986c813cabfd3f828548b42676a95d8a321fc00d70e1de2728ee79b9528cac.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks