General

  • Target

    079e8c215a0a0d52da3e4e50aebdedf6463eb64c5132cda9f0aa81a17799f7e0.exe

  • Size

    1.1MB

  • Sample

    241114-ndpq2axpdz

  • MD5

    6936748e48384e4f4e50e6e8c6ee96c3

  • SHA1

    e58fd94bbfccaa5d51cfaf71ed9de6e1fa5cf2b8

  • SHA256

    079e8c215a0a0d52da3e4e50aebdedf6463eb64c5132cda9f0aa81a17799f7e0

  • SHA512

    57159dfdb256680da5b5191bb31e294235ba03adbfd7e4fc71735126f2411e51f123e98eb696048aae5dbd5183a523c562f67e527de75fdc7a7993b756097cc6

  • SSDEEP

    24576:OwpOrt477q5ltoeMyOxVBQAFMs0Se2gcxKXLM02Oy8VZdFEFur7v:OwP7mleBxVBQAF10l2gcxK7h2Oygpw4

Malware Config

Targets

    • Target

      079e8c215a0a0d52da3e4e50aebdedf6463eb64c5132cda9f0aa81a17799f7e0.exe

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile directories, which hold saved credentials, cookies, autofill data and browsing history.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a (usually suspended) thread to redirect its execution, a common step in process hollowing and other code-injection techniques.
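The three file and registry signatures listed above can be re-checked on your own run of the sample from a Process Monitor CSV export. The Python below is an added example written for this page, not output from the sandbox or code belonging to the report: it parses a constructed Procmon-style export (the rows are made up to illustrate the format and use the sample name from this page) and flags the same three behaviours. The path patterns are assumptions, a deliberately short list of common browser profile and wallet locations, not an exhaustive one. SetThreadContext is an API call rather than file or registry I/O, so it never appears in Procmon output and is not covered here; an API monitor or the sandbox's own hooks are needed for that signature.

```python
import csv
import io
import re
from collections import defaultdict

# Sample name taken from the report above.
TARGET = "079e8c215a0a0d52da3e4e50aebdedf6463eb64c5132cda9f0aa81a17799f7e0.exe"

# Constructed Procmon CSV export (default column layout). These rows are made up
# for this example; they are not output from the sandbox run on this page.
SAMPLE_PROCMON_CSV = "\n".join([
    r'"Time of Day","Process Name","PID","Operation","Path","Result","Detail"',
    rf'"10:00:01.000","{TARGET}","4120","RegOpenKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Desired Access: Read"',
    rf'"10:00:01.001","{TARGET}","4120","RegEnumKey","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall","SUCCESS","Index: 0, Name: 7-Zip"',
    rf'"10:00:01.002","{TARGET}","4120","RegQueryValue","HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName","SUCCESS","Type: REG_SZ, Length: 12, Data: 7-Zip"',
    rf'"10:00:02.000","{TARGET}","4120","CreateFile","C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data","SUCCESS","Desired Access: Generic Read"',
    rf'"10:00:02.010","{TARGET}","4120","ReadFile","C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data","SUCCESS","Offset: 0, Length: 4,096"',
    rf'"10:00:02.020","{TARGET}","4120","CreateFile","C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json","SUCCESS","Desired Access: Generic Read"',
    rf'"10:00:03.000","{TARGET}","4120","CreateFile","C:\Users\victim\AppData\Roaming\Exodus\exodus.wallet\seed.seco","NAME NOT FOUND","Desired Access: Generic Read"',
    rf'"10:00:03.100","{TARGET}","4120","CreateFile","C:\Users\victim\AppData\Roaming\Electrum\wallets\default_wallet","SUCCESS","Desired Access: Generic Read"',
    r'"10:00:04.000","explorer.exe","1234","CreateFile","C:\Users\victim\Desktop\notes.txt","SUCCESS","Desired Access: Generic Read"',
])

# Signature names match the report; the operation sets and path patterns are
# this example's assumptions (short, non-exhaustive lists of well-known locations).
SIGNATURES = {
    "Checks installed software on the system": {
        "ops": {"RegOpenKey", "RegEnumKey", "RegQueryKey", "RegQueryValue"},
        # Matches HKLM/HKCU and the WOW6432Node variant of the Uninstall key.
        "path": re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I),
    },
    "Reads user/profile data of web browsers": {
        "ops": {"CreateFile", "ReadFile", "QueryBasicInformationFile"},
        "path": re.compile(
            r"\\(Google\\Chrome\\User Data|Microsoft\\Edge\\User Data|"
            r"BraveSoftware\\Brave-Browser\\User Data|Mozilla\\Firefox\\Profiles)\\", re.I),
    },
    "Accesses cryptocurrency files/wallets": {
        "ops": {"CreateFile", "ReadFile"},
        # A probe that fails with NAME NOT FOUND is still an indicator, so the
        # Result column is deliberately not consulted.
        "path": re.compile(r"\\AppData\\Roaming\\(Exodus|Electrum|Bitcoin|Ethereum)\\", re.I),
    },
}


def parse_procmon_csv(text):
    """Parse a Procmon CSV export into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def classify(rows, process_name=None):
    """Return {signature name: [matching rows]}, optionally filtered to one process."""
    hits = defaultdict(list)
    for row in rows:
        if process_name and row["Process Name"].lower() != process_name.lower():
            continue
        for name, sig in SIGNATURES.items():
            if row["Operation"] in sig["ops"] and sig["path"].search(row["Path"]):
                hits[name].append(row)
    return dict(hits)


def summarize(hits):
    """Collapse matching rows to the sorted set of distinct paths per signature."""
    return {name: sorted({r["Path"] for r in rows}) for name, rows in hits.items()}


if __name__ == "__main__":
    rows = parse_procmon_csv(SAMPLE_PROCMON_CSV)
    for name, paths in summarize(classify(rows, TARGET)).items():
        print(f"[+] {name}")
        for p in paths:
            print(f"      {p}")
```

Run it against a real export by replacing SAMPLE_PROCMON_CSV with the file contents and filtering on the sample's process name; a hit list that is empty for a signature the sandbox reported usually means the behaviour happened in a child or injected process, which is exactly where the SetThreadContext signature points.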

MITRE ATT&CK Enterprise v15

Tasks