General

  • Target

    21c50c1734d5cd2c46679dfd9c03ea439bc656d6ef305090db0c0367c4407217

  • Size

    2.6MB

  • Sample

    241113-y7b25sxqht

  • MD5

    8fee7bd911ae45be98c4e7d7dd29b5a5

  • SHA1

    b885bad18748b5a5ebe6172a32422f0fcbac3062

  • SHA256

    21c50c1734d5cd2c46679dfd9c03ea439bc656d6ef305090db0c0367c4407217

  • SHA512

    2c4d5846c3ffc178c53fa76f365dfc1f0a0c8959a9bc33ef69d58bc62f46e1debb9a6e593a4592055b0f319c717ea141e7f6a37abc2902961b3d1a31f25849db

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBAB/bS:sxX7QnxrloE5dpUpjb

Malware Config

Targets

    • Target

      21c50c1734d5cd2c46679dfd9c03ea439bc656d6ef305090db0c0367c4407217

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks