General

  • Target

    c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370N.exe

  • Size

    2.6MB

  • Sample

    241113-rzk7hstfpj

  • MD5

    d9591f7aab5f6a092bf38b0cd9b5bd10

  • SHA1

    00c95ff8f004465736d4a39c0adc2f25208aee5a

  • SHA256

    c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370

  • SHA512

    098ebf6b2baf889971bacf0401b0ba465c8d2fbd19ba11a72d5db71890ef01fd497d1d0ba598d5b3b1b666057567b013a23169cf05d8fb265f2a4396e566e5ad

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bS:sxX7QnxrloE5dpUp9b
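
Before relying on this report for a file on disk, an analyst should confirm that the file is the same sample. The following Python, an added example that is not part of the sandbox report, streams a file through MD5, SHA1, SHA256 and SHA512 and compares the results with the hashes listed above. It deliberately requires every digest to agree: a file that matches on MD5 but not on SHA256 is either a different file or a mistyped indicator, and is reported as no match. The file path is whatever the analyst supplies; the byte strings used for the check at the bottom are constructed.

```python
"""Verify a local file against the hashes listed in this sandbox report.

Added example, not part of the report. The REPORT_IOCS values are copied
from the report; everything else (paths, test bytes) is an assumption.
"""
import hashlib

# Hashes exactly as the report lists them for the target executable.
REPORT_IOCS = {
    "md5": "d9591f7aab5f6a092bf38b0cd9b5bd10",
    "sha1": "00c95ff8f004465736d4a39c0adc2f25208aee5a",
    "sha256": "c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370",
    "sha512": "098ebf6b2baf889971bacf0401b0ba465c8d2fbd19ba11a72d5db71890ef01fd"
              "497d1d0ba598d5b3b1b666057567b013a23169cf05d8fb265f2a4396e566e5ad",
}


def hash_bytes(data: bytes) -> dict:
    """Return lowercase hex digests of `data` for every algorithm in REPORT_IOCS."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_IOCS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file in chunks so a multi-megabyte sample never has to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_IOCS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare_to_report(digests: dict, iocs: dict = REPORT_IOCS) -> dict:
    """Per-algorithm match result, e.g. {"md5": True, "sha256": False}.

    Only algorithms present in both dicts are compared; comparison is
    case-insensitive because reports and tools differ in hex casing.
    """
    return {
        alg: digests[alg].lower() == iocs[alg].lower()
        for alg in iocs
        if alg in digests
    }


def is_reported_sample(digests: dict, iocs: dict = REPORT_IOCS) -> bool:
    """True only when every compared digest agrees.

    A partial match (say MD5 agrees, SHA256 does not) means a different
    file or a wrong indicator, so it is treated as no match rather than
    a weaker match.
    """
    results = compare_to_report(digests, iocs)
    return bool(results) and all(results.values())


if __name__ == "__main__":
    import sys
    # Usage: python check_sample.py <path-to-file>
    digests = hash_file(sys.argv[1])
    for alg, ok in compare_to_report(digests).items():
        print(f"{alg:7s} {'match' if ok else 'MISMATCH'}  {digests[alg]}")
    print("verdict:", "same sample as report" if is_reported_sample(digests) else "not this sample")
```

The SSDEEP value from the report is intentionally not compared here: fuzzy hashing needs the ssdeep library and answers a different question (similarity, not identity), and a similarity score should never be used to decide that a file is the one this report describes.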

Malware Config

Targets

    • Target

      c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370N.exe

    • Size

      2.6MB

    • MD5

      d9591f7aab5f6a092bf38b0cd9b5bd10

    • SHA1

      00c95ff8f004465736d4a39c0adc2f25208aee5a

    • SHA256

      c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370

    • SHA512

      098ebf6b2baf889971bacf0401b0ba465c8d2fbd19ba11a72d5db71890ef01fd497d1d0ba598d5b3b1b666057567b013a23169cf05d8fb265f2a4396e566e5ad

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBaB/bS:sxX7QnxrloE5dpUp9b

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application
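
The behaviour tags above describe what the sandbox observed; on an endpoint the same chain shows up as a sequence of file, process, image-load and registry events. The following Python, an added example that is neither the sandbox vendor's logic nor code from the sample, walks a list of Sysmon-style events in order and maps them back onto four of the report's signatures: a FileCreate (Event ID 11) into a Startup folder, a RegistryEvent (Event ID 13) on a `CurrentVersion\Run` value, a ProcessCreate (Event ID 1) whose image was written earlier in the same stream, and an ImageLoad (Event ID 7) of a DLL written earlier. Field names follow Sysmon; the events, paths and SID are constructed for the example.

```python
"""Map Sysmon-style events onto the persistence/execution signatures this report lists.

Added example, not part of the report. Event field names follow Sysmon
(EventID, Image, ParentImage, TargetFilename, TargetObject, ImageLoaded);
the events below are constructed, not captured from the sample.
"""
import re
from collections import defaultdict

# HKCU/HKLM ...\CurrentVersion\Run\<value> or RunOnce\<value>. The trailing
# backslash keeps RunMRU and similar keys from matching.
RUN_KEY_RE = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
STARTUP_DIR_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)


def norm(path: str) -> str:
    """Windows paths are case-insensitive; compare them in one case."""
    return path.lower()


def triage(events):
    """Return {process image (lowercased): sorted signature names}.

    'Dropped' means the path appeared in an earlier FileCreate (EventID 11)
    in this stream, so the correlation is order-dependent: feed events in
    the order they were logged.
    """
    dropped = set()
    hits = defaultdict(set)
    for ev in events:
        eid, image = ev.get("EventID"), norm(ev.get("Image", ""))
        if eid == 11:
            target = norm(ev.get("TargetFilename", ""))
            dropped.add(target)
            if STARTUP_DIR_RE.search(target):
                hits[image].add("Drops startup file")
        elif eid == 13 and RUN_KEY_RE.search(ev.get("TargetObject", "")):
            hits[image].add("Adds Run key to start application")
        elif eid == 1 and image in dropped:
            # The new process *is* the dropped file; credit the launcher.
            hits[norm(ev.get("ParentImage", ""))].add("Executes dropped EXE")
        elif eid == 7 and norm(ev.get("ImageLoaded", "")) in dropped:
            hits[image].add("Loads dropped DLL")
    return {img: sorted(sigs) for img, sigs in hits.items()}


def suspicious(events, min_signatures: int = 2):
    """Images that match at least `min_signatures` of the report's behaviours."""
    return sorted(img for img, sigs in triage(events).items() if len(sigs) >= min_signatures)


# Constructed event stream (assumed paths; the SID is made up).
SAMPLE = r"C:\Users\victim\Downloads\c172b5601be026d4f6e9fd7954d7068442205b752a8c1d467ddcd69fc1f12370N.exe"
DROPPED_EXE = r"C:\Users\victim\AppData\Roaming\updater.exe"
DROPPED_DLL = r"C:\Users\victim\AppData\Roaming\helper.dll"
STARTUP_LNK = r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\updater.lnk"
HKU = r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion"

SAMPLE_EVENTS = [
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROPPED_EXE},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": DROPPED_DLL},
    {"EventID": 11, "Image": SAMPLE, "TargetFilename": STARTUP_LNK},
    {"EventID": 1, "Image": DROPPED_EXE, "ParentImage": SAMPLE},
    {"EventID": 7, "Image": DROPPED_EXE, "ImageLoaded": DROPPED_DLL},
    {"EventID": 13, "Image": DROPPED_EXE, "TargetObject": HKU + r"\Run\Updater"},
    # Benign noise that must not match: a normal process start and a RunMRU write.
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe", "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe", "TargetObject": HKU + r"\Explorer\RunMRU\a"},
]

if __name__ == "__main__":
    for image, sigs in triage(SAMPLE_EVENTS).items():
        print(image, "->", ", ".join(sigs))
    print("flagged:", suspicious(SAMPLE_EVENTS))
```

The fifth signature, reading browser profile data, is deliberately absent: Sysmon has no file-read event, so that behaviour is visible to a sandbox's API hooks but not to this kind of event stream. Note also that the signatures split across two images here, the original sample (drops files, launches one) and the dropped executable (loads the DLL, writes the Run key), which is why the verdict is computed per process rather than per event.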

MITRE ATT&CK Enterprise v15

Tasks