General

  • Target

    1f0453a37489c78b927c3b99443c268df520eff5a5a7bea5f6d3a27d9f8593e2

  • Size

    2.6MB

  • Sample

    241113-y4ghfsyflr

  • MD5

    85a1f1236f344efd31752691880300f1

  • SHA1

    8ce52dd98d61905d2c12e2e3e506fccfa23889b3

  • SHA256

    1f0453a37489c78b927c3b99443c268df520eff5a5a7bea5f6d3a27d9f8593e2

  • SHA512

    125d4d35afca63042da93000f3bb92f4c1a16f308f05ac6a8115802d98a6a38afd6057e246df83af100b8c7088bd810d2a030a1cad4bd1237400dbd12ce51cb7

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBnB/bS:sxX7QnxrloE5dpUpMb

Malware Config

Targets

    • Target

      1f0453a37489c78b927c3b99443c268df520eff5a5a7bea5f6d3a27d9f8593e2

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks