General

  • Target

    https://mega.nz/file/qtMSGBwC#fBanyCp3_bKap9HG1PWhanOn3QyIAfqAReZCERzLvVE

  • Sample

    241114-qwth2szeld

Malware Config

Targets

    • Target

      https://mega.nz/file/qtMSGBwC#fBanyCp3_bKap9HG1PWhanOn3QyIAfqAReZCERzLvVE

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks