Resubmissions

12-12-2024 16:48  241212-vbabwszpc1  10
12-12-2024 16:47  241212-vaq81ssmar  10
10-12-2024 21:17  241210-z5d96avjar  10
08-12-2024 22:24  241208-2bg53aznbp  10
08-12-2024 20:11  241208-yyc8vaykgk  10
04-12-2024 22:34  241204-2g8vzazrgj  10
04-12-2024 18:24  241204-w2cqdavlds  10
04-12-2024 14:03  241204-rcqhqaspfn  10
04-12-2024 00:00  241204-aaq8ss1mdw  10
03-12-2024 22:46  241203-2p4afstnfk  10

General

  • Target

    Custom-Rust.exe

  • Size

    8.1MB

  • Sample

    241208-2bg53aznbp

  • MD5

    31ae3b0534364fe6e1fb45864d96615d

  • SHA1

    92ab7d91b0356b4b04a08ad47f516ec8b988624a

  • SHA256

    2ab8c47033a3ecba0a53d521722d730a8701932eeb94dd1886de519a49eb1975

  • SHA512

    00db0afb795c21575339af9444cc674d59b064e385f064360ec1348d1078b48169a29afb003fbe35cc1b5248da305b46a5fe20bbecf2f5d6a3c2380fddf6b7ef

  • SSDEEP

    196608:ZO0cDoLjv+bhqNVoBKUh8mz4Iv9PeSEzv1DVn:JiIL+9qz8/b4IpEv3n

Targets

    • Target

      Custom-Rust.exe

    • Command and Scripting Interpreter: PowerShell

      Using powershell.exe command.

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Enumerates processes with tasklist

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
