General
-
Target
6a14c6d1656b9c19c8113dd849125c18b2336bb984fe083fdfccc657c74069d7
-
Size
1.1MB
-
Sample
241120-fkhbja1dle
-
MD5
baf7c4e01504e38e355edbd9cf36b200
-
SHA1
a35a59a2ef13dbe7b8bd5b8b213a2990e24baf61
-
SHA256
6a14c6d1656b9c19c8113dd849125c18b2336bb984fe083fdfccc657c74069d7
-
SHA512
fdf99fd9d88c184d0c6fd026eb5ce3f992ea082bf0b7f02a849ab6f93fa7f22a66d3457d118f24ca3582e7113738b9ac054d5b0f13c44f4607b42f06cb82c288
-
SSDEEP
24576:d03Nef9AiKGpEoQpkN2C4McuKo0GTNJpyT5RGeQa0s:d0de+GtCi27mVHyT+a0s
Malware Config
Targets
-
-
Target
6a14c6d1656b9c19c8113dd849125c18b2336bb984fe083fdfccc657c74069d7
-
Size
1.1MB
-
MD5
baf7c4e01504e38e355edbd9cf36b200
-
SHA1
a35a59a2ef13dbe7b8bd5b8b213a2990e24baf61
-
SHA256
6a14c6d1656b9c19c8113dd849125c18b2336bb984fe083fdfccc657c74069d7
-
SHA512
fdf99fd9d88c184d0c6fd026eb5ce3f992ea082bf0b7f02a849ab6f93fa7f22a66d3457d118f24ca3582e7113738b9ac054d5b0f13c44f4607b42f06cb82c288
-
SSDEEP
24576:d03Nef9AiKGpEoQpkN2C4McuKo0GTNJpyT5RGeQa0s:d0de+GtCi27mVHyT+a0s
Score8/10-
Drops file in Drivers directory
-
Deletes itself
-
Drops startup file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1