General

  • Target

    7f92eb0b9942f79a463a7e756ff19e1611bcc5a5871054a3424e7993fe4e2a53.exe

  • Size

    2.6MB

  • Sample

    241113-sca9gathpl

  • MD5

    cf540b60f05d57073fdbf295cface9c0

  • SHA1

    2f1803cd16df71da72e6a6716845f3844ad269e4

  • SHA256

    7f92eb0b9942f79a463a7e756ff19e1611bcc5a5871054a3424e7993fe4e2a53

  • SHA512

    6b528d2e9a8ee74751b7e23b592a0d8f42a54487214c5abfd5f685e84cfe03006cb4ca33f9b3d17970a38fa6fc04521908dd8782ca864493ab4b4f863f062c8a

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBdB/bSW:sxX7QnxrloE5dpUp6bf

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application
