General

  • Target

    2c47249a93eb1e1f1dac9510807209c441e529f010ec2632374f0de54b880414

  • Size

    2.6MB

  • Sample

    241113-zkvreayhln

  • MD5

    49081284450816c4eb08e1695019f0e5

  • SHA1

    e72acf17bc03d44d70b2222974856f9dadd0e417

  • SHA256

    2c47249a93eb1e1f1dac9510807209c441e529f010ec2632374f0de54b880414

  • SHA512

    708d06b2e67959ca4be01360f64d956a88f9d0bf09bd012c358fc9ffd472bffb41bf9f9bda04d7922bdb1c303bac7e1e2ad78e69a8d1e6ec7ff38db20beea87d

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBRB/bS:sxX7QnxrloE5dpUpWb

Malware Config

Targets

    • Target

      2c47249a93eb1e1f1dac9510807209c441e529f010ec2632374f0de54b880414

    • Size

      2.6MB

    • MD5

      49081284450816c4eb08e1695019f0e5

    • SHA1

      e72acf17bc03d44d70b2222974856f9dadd0e417

    • SHA256

      2c47249a93eb1e1f1dac9510807209c441e529f010ec2632374f0de54b880414

    • SHA512

      708d06b2e67959ca4be01360f64d956a88f9d0bf09bd012c358fc9ffd472bffb41bf9f9bda04d7922bdb1c303bac7e1e2ad78e69a8d1e6ec7ff38db20beea87d

    • SSDEEP

      49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBRB/bS:sxX7QnxrloE5dpUpWb

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks