General

  • Target

    246ac2ff26be884606898022889594e7d037847288254f6d74cc0a93062d80ee

  • Size

    160KB

  • Sample

    241113-zaqppssjhm

  • MD5

    dd081da0f2370b603ff10eda0d2c3834

  • SHA1

    750393fd121638a522c8ff17cbbf608b7ccec527

  • SHA256

    246ac2ff26be884606898022889594e7d037847288254f6d74cc0a93062d80ee

  • SHA512

    627271a3865250d285e87c9c78dafe3fdb2dec70d2e2ecabe6efceb77f610964f1d861a43407304b0743c03853f9a72ee53f6c50a2074a8bdd0c55dcc3d05926

  • SSDEEP

    3072:iGjK99QR809vb8AryfxFhurI6nhDrNT3WOcmPWTEcR283brWjNnnCPcQEFf:i8Ah0J8hfzQrTn1B3WOfWwcYuboNnnCk

Targets

    • Blocklisted process makes network request

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
