General

  • Target

    06a7d43e7d4e4f376493177225719eba4a24007447677fd75b122780e79aa90c.exe

  • Size

    1.1MB

  • Sample

    241114-nd92zaydqn

  • MD5

    04f51b4511d737892e6f50c84703fe54

  • SHA1

    7a50facbd39ef275079df60c64bc94bf571e53e7

  • SHA256

    06a7d43e7d4e4f376493177225719eba4a24007447677fd75b122780e79aa90c

  • SHA512

    9fa068e6a9fc2a1407d50014a2872202c007263433849df016cfa579ffe5c7e35da929e46e7e0397f7eb6b517a76c1e9e3dd8c9bb563121bca5ab81706a11cc5

  • SSDEEP

    24576:8wpOrt477q5ltoeMyOxVBQAFMs0Se2gcxKXLMMCaK0xF0xr7v:8wP7mleBxVBQAF10l2gcxK7TC6F09

Malware Config

Targets

    • Target

      06a7d43e7d4e4f376493177225719eba4a24007447677fd75b122780e79aa90c.exe

    • Size

      1.1MB

    • MD5

      04f51b4511d737892e6f50c84703fe54

    • SHA1

      7a50facbd39ef275079df60c64bc94bf571e53e7

    • SHA256

      06a7d43e7d4e4f376493177225719eba4a24007447677fd75b122780e79aa90c

    • SHA512

      9fa068e6a9fc2a1407d50014a2872202c007263433849df016cfa579ffe5c7e35da929e46e7e0397f7eb6b517a76c1e9e3dd8c9bb563121bca5ab81706a11cc5

    • SSDEEP

      24576:8wpOrt477q5ltoeMyOxVBQAFMs0Se2gcxKXLMMCaK0xF0xr7v:8wP7mleBxVBQAF10l2gcxK7TC6F09

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks