General

  • Target

    914e3b65176a88b7ea89f63cdb1a4c97463cd52cdd359f966061a97d3018788aN.exe

  • Size

    2.6MB

  • Sample

    241113-xzxs7sxkfy

  • MD5

    67ba249cb348f55bc289213f38b20890

  • SHA1

    85177eb5366e067d65b149e0a73f83257d37dbc9

  • SHA256

    914e3b65176a88b7ea89f63cdb1a4c97463cd52cdd359f966061a97d3018788a

  • SHA512

    7c24f85fd4b73e5da6eeb53dc8cf2a14ae01635dfb2579237290b2a0775b5846e1089f0cd383133685c72cd84f8da1f86b737c29eb32fce14a19f7ea0f9e9f30

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bS:sxX7QnxrloE5dpUpVb
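To check a file against the hashes above before trusting a hit, the following is an added Python example (not part of the sandbox report): it streams a file through all four digests in one pass, compares them case-insensitively with the report's values, splits the SSDEEP signature into its block size and two chunk hashes, and checks that the report's filename is the SHA256 followed by the trailing `N`. The stand-in sample bytes are constructed here and do not correspond to the real file, so the IOC match is expected to come back empty.

```python
"""Verify a sample against the hash IOCs published in this report.

Added example, not part of the sandbox report. The hash values below are
copied from the General section; the sample bytes are a constructed
stand-in because the real file is not available here.
"""
import hashlib
import re

# IOCs copied from the report (lower-case hex for comparison).
REPORT_IOCS = {
    "md5": "67ba249cb348f55bc289213f38b20890",
    "sha1": "85177eb5366e067d65b149e0a73f83257d37dbc9",
    "sha256": "914e3b65176a88b7ea89f63cdb1a4c97463cd52cdd359f966061a97d3018788a",
    "sha512": "7c24f85fd4b73e5da6eeb53dc8cf2a14ae01635dfb2579237290b2a0775b5846"
              "e1089f0cd383133685c72cd84f8da1f86b737c29eb32fce14a19f7ea0f9e9f30",
}
REPORT_SSDEEP = "49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBmB/bS:sxX7QnxrloE5dpUpVb"
REPORT_FILENAME = "914e3b65176a88b7ea89f63cdb1a4c97463cd52cdd359f966061a97d3018788aN.exe"

ALGOS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return all four digests of an in-memory blob as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four digests in a single read pass."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(hashes: dict, iocs: dict = REPORT_IOCS) -> list:
    """Algorithms whose digest equals the report's value (case-insensitive)."""
    return [a for a in ALGOS
            if a in hashes and a in iocs and hashes[a].lower() == iocs[a].lower()]


def parse_ssdeep(signature: str) -> tuple:
    """Split a CTPH signature 'blocksize:chunk:double_chunk' into its parts.

    The first chunk is computed with the stated block size, the second with
    twice that size; two signatures are only comparable when their block sizes
    are equal or differ by exactly a factor of two.
    """
    blocksize, chunk, double_chunk = signature.split(":")
    return int(blocksize), chunk, double_chunk


def filename_matches_sha256(filename: str, sha256: str) -> bool:
    """The report names the sample after its SHA256 plus an 'N' suffix; verify that."""
    m = re.fullmatch(r"([0-9a-fA-F]{64})N?\.exe", filename)
    return bool(m) and m.group(1).lower() == sha256.lower()


if __name__ == "__main__":
    # Constructed stand-in (fake MZ/PE header), so nothing should match.
    fake_sample = b"MZ" + b"\x00" * 62 + b"PE\x00\x00" + b"\x90" * 16
    print("matches:", match_iocs(hash_bytes(fake_sample)))
    print("ssdeep blocksize:", parse_ssdeep(REPORT_SSDEEP)[0])
    print("name consistent:",
          filename_matches_sha256(REPORT_FILENAME, REPORT_IOCS["sha256"]))
```

Run `hash_file("path/to/sample")` on a captured file and feed the result to `match_iocs`; any non-empty list is an exact match on that algorithm. A SHA256 match is sufficient on its own, but comparing all four catches a transcription error in a single published hash.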

Targets

    • Drops startup file

      Writes a file into a Startup folder so that it is launched at the next user logon.

    • Executes dropped EXE

      Launches an executable that the sample itself wrote to disk, i.e. a staged second-stage payload.

    • Loads dropped DLL

      Loads a DLL that the sample wrote to disk, rather than one shipped with the system.

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile stores, which hold saved credentials, cookies and autofill data.

    • Adds Run key to start application

      Registers an autostart entry under Software\Microsoft\Windows\CurrentVersion\Run (HKCU or HKLM), a second persistence mechanism alongside the startup file.
