General

  • Target

    285361ea874bb11d93d34b63cfa3fcbecb099ef2096da64132c27eb14a7c6bd9

  • Size

    2.6MB

  • Sample

    241113-zelxbaygnq

  • MD5

    7c06fc63bb6b8c3018c7b27996f3c04d

  • SHA1

    879b3c30869902a6e0260f0b878d5cda3ff8fb0f

  • SHA256

    285361ea874bb11d93d34b63cfa3fcbecb099ef2096da64132c27eb14a7c6bd9

  • SHA512

    7eb2430e1bc9e2f8a0f5c7df7a011dbb86c0535b0336bfd53d84f43f36143e6a0355c49179f34145824a903ee3648700dded9cc3713ea68087d1ff2d8fbd29f3

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBpB/bSq:sxX7QnxrloE5dpUpybV

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks