General

  • Target

    606b9cc25be22aec4f570c9f7d1f3e6d9c1f265545f57c6487948572a8838824.exe

  • Size

    2.6MB

  • Sample

    241113-x41qnaxhlg

  • MD5

    0ccd11fc568b76bad31ad45994aff265

  • SHA1

    5afe898fb00cbe9f94740ac516d19050bc1efdbd

  • SHA256

    606b9cc25be22aec4f570c9f7d1f3e6d9c1f265545f57c6487948572a8838824

  • SHA512

    e622ae05c26c44394d5d84bdb5ff60c3e48b46717ad3a7979a6d0820c2ef5c31830ddb3d2d5dffe55f63ed546a79ce1445dae2f590b9d87d6535bd6165e999f5

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB5B/bSq9:sxX7QnxrloE5dpUpabV9

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks