General

  • Target

    90b55fffa3b0b7cb2a22f7b5d376eda96cc91420dada951141ce292349a4a761.exe

  • Size

    1.1MB

  • Sample

    241114-ah45ma1hnd

  • MD5

    9beb99cf49f8dc64484c102297530cb7

  • SHA1

    5322241297cd19d82d8e520b4bbd99d6f012fcb7

  • SHA256

    90b55fffa3b0b7cb2a22f7b5d376eda96cc91420dada951141ce292349a4a761

  • SHA512

    0205e462ff4447fad42875237c1cb9ba004a5fe59ca3b63ab6610af40b88727c0847aaaec5b0a7cbd94c027850df8b6a3c6b3153a357d02d39719450d771885f

  • SSDEEP

    24576:+rfzXdaxgAOZGspkqLCVHpZktAIn1brR7ZHFGjbhDZlnd:2XdaxgAOZDp/Avkz1brR1HF69Hd

Targets

    • Checks computer location settings

      Reads the country/locale code configured in the registry, most likely as a geofence so the sample can refuse to run in excluded regions.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers routinely read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion (T1070.004)

      Adversaries may delete files left behind by their intrusion activity; here the sample removes its own executable after the dropped payload is running.
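The behaviours above are the kind of signatures a sandbox derives from an API/event trace. As an added example that is not part of this report or of the sandbox's own code, the Python below replays a constructed trace (the event format, PIDs, dropped-file names and registry/file paths are assumptions, not observations from this sample) and maps each event to the behaviour it evidences, tracking the sample's process tree so that actions by dropped children and by a spawned cmd.exe are attributed back to the sample.

```python
"""Map a constructed sandbox event trace to the behaviour tags used in the report above.

All events below are constructed for illustration; only the SHA256 file name comes from
the report. Field names (op, pid, image, path, child_pid) are an assumed trace format.
"""
import re
from collections import defaultdict

SAMPLE_SHA256 = "90b55fffa3b0b7cb2a22f7b5d376eda96cc91420dada951141ce292349a4a761"
SAMPLE_IMAGE = "C:\\Users\\Admin\\AppData\\Local\\Temp\\" + SAMPLE_SHA256 + ".exe"  # assumed path
DROP_DIR = "C:\\Users\\Admin\\AppData\\Local\\Temp\\"                                 # assumed path
CMD = "C:\\Windows\\System32\\cmd.exe"

# Registry keys holding the configured country/locale (the geofence lookup).
GEO_KEYS = re.compile(r"\\(Control Panel\\International|Nls\\Language)\\", re.I)
# Browser profile artefacts an infostealer reads.
BROWSER_DATA = re.compile(
    r"\\(Google\\Chrome|Mozilla\\Firefox|Microsoft\\Edge)\\.*"
    r"(Login Data|Cookies|logins\.json|key4\.db|Web Data)$", re.I)
# A bare drive root such as "D:" or "D:\".
DRIVE_ROOT = re.compile(r"^([A-Z]):\\?$", re.I)

# Constructed trace (not sandbox output). Order matters: drops precede execution/loads.
EVENTS = [
    {"op": "reg_query", "pid": 1000, "image": SAMPLE_IMAGE,
     "path": "HKCU\\Control Panel\\International\\Locale"},
    {"op": "reg_query", "pid": 1000, "image": SAMPLE_IMAGE,
     "path": "HKLM\\SYSTEM\\CurrentControlSet\\Control\\Nls\\Language\\Default"},
    {"op": "file_open", "pid": 1000, "image": SAMPLE_IMAGE,
     "path": "C:\\Users\\Admin\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"},
    {"op": "file_open", "pid": 1000, "image": SAMPLE_IMAGE, "path": "D:\\"},
    {"op": "file_write", "pid": 1000, "image": SAMPLE_IMAGE, "path": DROP_DIR + "svchost_update.exe"},
    {"op": "file_write", "pid": 1000, "image": SAMPLE_IMAGE, "path": DROP_DIR + "helper.dll"},
    {"op": "process_create", "pid": 1000, "image": SAMPLE_IMAGE, "child_pid": 1100,
     "path": DROP_DIR + "svchost_update.exe"},
    {"op": "image_load", "pid": 1100, "image": DROP_DIR + "svchost_update.exe",
     "path": DROP_DIR + "helper.dll"},
    {"op": "process_create", "pid": 1100, "image": DROP_DIR + "svchost_update.exe",
     "child_pid": 1200, "path": CMD},
    {"op": "file_delete", "pid": 1200, "image": CMD, "path": SAMPLE_IMAGE},
]


def match_behaviours(events, sample_image):
    """Replay the trace and return {behaviour tag: [event indices that evidence it]}."""
    hits = defaultdict(list)
    tree = set()      # PIDs belonging to the sample's process tree
    dropped = set()   # files written by that tree (candidates for "dropped EXE/DLL")
    for i, ev in enumerate(events):
        if ev["image"].lower() == sample_image.lower():
            tree.add(ev["pid"])
        if ev["pid"] not in tree:
            continue  # ignore unrelated system activity
        op, path = ev["op"], ev["path"]
        drive = DRIVE_ROOT.match(path)
        if op == "reg_query" and GEO_KEYS.search(path):
            hits["Checks computer location settings"].append(i)
        elif op == "file_open" and BROWSER_DATA.search(path):
            hits["Reads user/profile data of web browsers"].append(i)
        elif op == "file_open" and drive and drive.group(1).upper() != "C":
            hits["Enumerates connected drives"].append(i)
        elif op == "file_write":
            dropped.add(path.lower())
        elif op == "process_create":
            tree.add(ev["child_pid"])          # children inherit attribution
            if path.lower() in dropped:
                hits["Executes dropped EXE"].append(i)
        elif op == "image_load" and path.lower() in dropped:
            hits["Loads dropped DLL"].append(i)
        elif op == "file_delete":
            hits["Indicator Removal: File Deletion"].append(i)
            if path.lower() == sample_image.lower():
                hits["Deletes itself"].append(i)  # deletion via cmd.exe still counts
    return dict(hits)


if __name__ == "__main__":
    for tag, idx in match_behaviours(EVENTS, SAMPLE_IMAGE).items():
        print(f"{tag}: events {idx}")
```

The process-tree bookkeeping is the part worth copying: the self-deletion is performed by a cmd.exe child two hops away from the sample, and a matcher keyed only on the sample's own image would miss both "Deletes itself" and the file-deletion tag.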

MITRE ATT&CK Enterprise v15
