General

  • Target

    52a5c72324b65a5f6122fcde2faf1d7d36d3d2bd2cf57996db584d713af02f65

  • Size

    204KB

  • Sample

    241122-hxk93askhq

  • MD5

    3303fa299133852cb13bd930cd8df3cf

  • SHA1

    e625b51300c16012f564079aa38050d85862e2d2

  • SHA256

    52a5c72324b65a5f6122fcde2faf1d7d36d3d2bd2cf57996db584d713af02f65

  • SHA512

    0d41fc2bc55b39bb6394f0d523e7896e6b1ac7d1d226b8e9802462609df6135e0a636e7ddc9f33de5ee865418a3468573beba2b0e4003e4f0fc975454ebe3637

  • SSDEEP

    3072:fP5gvNVLIfHQja1RfmLQADwSKkhU+tLgT5lODbiC8r1PkT:X2vnSwjaOcADw9cUeCOf

Malware Config

Targets

    • Target

      52a5c72324b65a5f6122fcde2faf1d7d36d3d2bd2cf57996db584d713af02f65

    • Size

      204KB

    • MD5

      3303fa299133852cb13bd930cd8df3cf

    • SHA1

      e625b51300c16012f564079aa38050d85862e2d2

    • SHA256

      52a5c72324b65a5f6122fcde2faf1d7d36d3d2bd2cf57996db584d713af02f65

    • SHA512

      0d41fc2bc55b39bb6394f0d523e7896e6b1ac7d1d226b8e9802462609df6135e0a636e7ddc9f33de5ee865418a3468573beba2b0e4003e4f0fc975454ebe3637

    • SSDEEP

      3072:fP5gvNVLIfHQja1RfmLQADwSKkhU+tLgT5lODbiC8r1PkT:X2vnSwjaOcADw9cUeCOf

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks