General

  • Target

    9621c66f95d1655a902c243678c2c7c2935b8129bb0d1182de9737f6f97ff758.exe

  • Size

    3.2MB

  • Sample

    241113-rytghatfnl

  • MD5

    a124beca3e2be56067e5c650827566cd

  • SHA1

    0fd93e74bae16ce123812ecdbf8f847c0e2205e6

  • SHA256

    9621c66f95d1655a902c243678c2c7c2935b8129bb0d1182de9737f6f97ff758

  • SHA512

    de57801b439e4f90d4aa9721e101611317beda37214fbe34c20427487459d84bd178f5906cc8e29cfb417b99bd0999ef16bc9d5c17c1742014fcc5b8cb06d9db

  • SSDEEP

    49152:dVAbwDFlvdlIZxaYvglsv24uJcMuR7wHaSMsas5TuUlJ8RZ6y56bKJqKqcCv5:7AUdM7vgKuJVuR8H+fsQuydVqc8

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
