General

  • Target

    c57ac7e7ccc53b8a141d9fe224ad1bd0deebc3daabd67e5bdf35b42603ceeef2N

  • Size

    2.6MB

  • Sample

    241113-xywjraxkes

  • MD5

    37e36b793aa9bcef2aa9025f8092eb20

  • SHA1

    1fdd07d69e47ea49f50ea96b9b8adebc7305abaa

  • SHA256

    c57ac7e7ccc53b8a141d9fe224ad1bd0deebc3daabd67e5bdf35b42603ceeef2

  • SHA512

    087e6535e1facbdef2622c3bb1d618d6dcf535e8d1b25c6ea038b2a6c921e609f9bb0780c42e1761d5af81d6a2095e7ce7e2d3f5747c20f67699d1222b819445

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB7B/bS:sxX7QnxrloE5dpUpMb
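
Before acting on the signatures below, confirm that the file you hold is the one this report describes. The script that follows is an added example, not part of the sandbox report: it recomputes the four digests above for a file, compares them in constant time, and checks the report's own consistency (on this page the target is named by its SHA256 plus a trailing letter). The path in the main block is an assumption; the SSDEEP value is not checked because fuzzy hashing needs the separate ssdeep library.

```python
"""Check a file on disk against the digests listed in the General section.

Added example; it is not part of the sandbox report. The digests are the
report's own values, the file path in the main block is an assumption, and
the trailing-letter target naming is simply what this page shows.
"""
import hashlib
import hmac
import re

# Digests copied from the General section above.
REPORT_HASHES = {
    "md5": "37e36b793aa9bcef2aa9025f8092eb20",
    "sha1": "1fdd07d69e47ea49f50ea96b9b8adebc7305abaa",
    "sha256": "c57ac7e7ccc53b8a141d9fe224ad1bd0deebc3daabd67e5bdf35b42603ceeef2",
    "sha512": (
        "087e6535e1facbdef2622c3bb1d618d6dcf535e8d1b25c6ea038b2a6c921e609"
        "f9bb0780c42e1761d5af81d6a2095e7ce7e2d3f5747c20f67699d1222b819445"
    ),
}


def compute_hashes(data: bytes) -> dict:
    """All four digests of an in-memory buffer, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digests for a file, streamed so a large sample is not read at once."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        while block := fh.read(chunk):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare(actual: dict, expected: dict) -> dict:
    """Per-algorithm match flags. compare_digest avoids timing differences and
    case-folding tolerates reports that print uppercase hex."""
    return {
        name: hmac.compare_digest(actual[name].lower(), expected[name].lower())
        for name in expected
    }


def target_name_matches(target: str, sha256: str) -> bool:
    """On this page the target is named by its SHA256 plus one trailing letter;
    confirm the report is internally consistent before trusting the rest."""
    m = re.fullmatch(r"([0-9a-f]{64})[a-z]?", target.lower())
    return bool(m) and hmac.compare_digest(m.group(1), sha256.lower())


if __name__ == "__main__":
    # Assumed path; replace with wherever the sample was saved.
    result = compare(hash_file("sample.bin"), REPORT_HASHES)
    print("match" if all(result.values()) else f"MISMATCH: {result}")
```

A mismatch on any single algorithm is enough to stop: the behaviours listed further down were observed for exactly this file, and a repacked or trimmed copy with a different hash may behave differently.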

Targets

    • Target

      c57ac7e7ccc53b8a141d9fe224ad1bd0deebc3daabd67e5bdf35b42603ceeef2N

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials, cookies and the session tokens they carry, autofill entries and browsing history.

    • Adds Run key to start application
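
The five behaviours above are what an analyst would want to recognise in endpoint telemetry as well as in the sandbox. The script below is an added example, not the sandbox's own detection logic: it walks a chronological list of events and emits the same signature names. The event schema and the sample trace are constructed for illustration (Sysmon users would map event IDs 1, 7, 11 and 13 onto the process, image-load, file-create and registry records; the file-read record needs an API trace or EDR, since Sysmon does not log reads).

```python
"""Map endpoint telemetry onto the behaviour names used in the report above.

Added example, not the sandbox's code. The record types and field names are
constructed for illustration, as is SAMPLE_EVENTS.
"""
import re

# Autostart locations. The Run and RunOnce keys live under this path in both
# HKCU and HKLM; the Startup folder sits inside the user's roaming profile.
RUN_KEY = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run(once)?\\", re.I)
STARTUP_DIR = re.compile(r"\\microsoft\\windows\\start menu\\programs\\startup\\", re.I)
# Files holding saved logins, cookies or autofill data in common browsers.
BROWSER_DATA = re.compile(
    r"\\(google\\chrome|microsoft\\edge|brave-browser)\\user data\\.*\\(login data|cookies|web data)$"
    r"|\\mozilla\\firefox\\profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
    re.I,
)


def norm(path: str) -> str:
    """Case-fold and unify separators so the same file always compares equal."""
    return path.replace("/", "\\").lower()


def classify(events) -> set:
    """Return the report-style signature names triggered by a chronological
    list of event dicts (see SAMPLE_EVENTS for the constructed schema)."""
    dropped = set()   # files the sample wrote; executing or loading them is the tell
    hits = set()
    for ev in events:
        kind = ev["type"]
        if kind == "file_create":
            path = norm(ev["path"])
            dropped.add(path)
            if STARTUP_DIR.search(path):
                hits.add("Drops startup file")
        elif kind == "process_create":
            image = norm(ev["image"])
            if image in dropped and image.endswith(".exe"):
                hits.add("Executes dropped EXE")
        elif kind == "image_load":
            image = norm(ev["image"])
            if image in dropped and image.endswith(".dll"):
                hits.add("Loads dropped DLL")
        elif kind == "file_read":
            if BROWSER_DATA.search(norm(ev["path"])):
                hits.add("Reads user/profile data of web browsers")
        elif kind == "reg_set":
            if RUN_KEY.search(norm(ev["key"])):
                hits.add("Adds Run key to start application")
    return hits


# Constructed trace in the shape the report's signatures imply; every path
# and name here is invented, not taken from the sample.
SAMPLE_EVENTS = [
    {"type": "file_create", "path": r"C:\Users\victim\AppData\Roaming\svc\helper.dll"},
    {"type": "file_create", "path": r"C:\Users\victim\AppData\Roaming\svc\update.exe"},
    {"type": "file_create",
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\update.lnk"},
    {"type": "process_create", "image": r"C:\Users\victim\AppData\Roaming\svc\update.exe"},
    {"type": "image_load", "image": r"C:\Users\victim\AppData\Roaming\svc\helper.dll"},
    {"type": "image_load", "image": r"C:\Windows\System32\kernel32.dll"},
    {"type": "reg_set", "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svc"},
    {"type": "file_read",
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
]

if __name__ == "__main__":
    for name in sorted(classify(SAMPLE_EVENTS)):
        print(name)
```

Two caveats a practitioner should keep in mind. The "dropped" checks depend on having seen the file-create event first, so a trace that starts after the drop reports only the Run key and browser-read behaviours; and a Run key write or a Startup folder entry is also what legitimate installers do, so on a live host these two should be correlated with the dropped-file path rather than alerted on alone.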

MITRE ATT&CK Enterprise v15
