General

  • Target

    a29d89b69970c822202b6da733b8d5926e59bc2e887908d208eb1070494c6499N.exe

  • Size

    2.6MB

  • Sample

    241113-y736mayejg

  • MD5

    fd0364c2dd5ed8c2af4d4540d47d4310

  • SHA1

    436ff44ae20054ad7d0339e009f2a77a22fbd622

  • SHA256

    a29d89b69970c822202b6da733b8d5926e59bc2e887908d208eb1070494c6499

  • SHA512

    b943b6c9a2525bbe156a526a968e8bbcfb1975fd9b5418e80e42209b31fedeac1c1e9cfaa93a1c4574d4258a171c8176777a74cf706340f5ec5af35b6f5d6cf9

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBNB/bSq:sxX7QnxrloE5dpUpabV

Malware Config

Targets


    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other secrets.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks