General
-
Target
OperaGXSetup.exe
-
Size
3.8MB
-
Sample
250103-v2veravmbz
-
MD5
fb23e09da4b0ebd20a0072e75fd994f4
-
SHA1
bc3433296ae972d574a368d50b737fd984cf3d38
-
SHA256
e478c912ca786de43cc76bfece772eef194600726e5641dcaab4e0cb260fa90e
-
SHA512
26d8005aaedb6066b65c1d564234ce25ab0aa9c318610a473aaa7e7fc71fcf5a4cb99fc9422be932ae36367ff48855a046eb0286ac848f34d575c8d519b19222
-
SSDEEP
49152:SVAbwA+j3AtriaXicL8D8nqdZqb8oM28CBHmLOIt/ZwDAakqbMz3Lnn7cAWFJJx:WA+jxJIfMKmLOIt/yDh7MbLnnXWFl
Malware Config
Targets
-
-
Target
OperaGXSetup.exe
-
Size
3.8MB
-
MD5
fb23e09da4b0ebd20a0072e75fd994f4
-
SHA1
bc3433296ae972d574a368d50b737fd984cf3d38
-
SHA256
e478c912ca786de43cc76bfece772eef194600726e5641dcaab4e0cb260fa90e
-
SHA512
26d8005aaedb6066b65c1d564234ce25ab0aa9c318610a473aaa7e7fc71fcf5a4cb99fc9422be932ae36367ff48855a046eb0286ac848f34d575c8d519b19222
-
SSDEEP
49152:SVAbwA+j3AtriaXicL8D8nqdZqb8oM28CBHmLOIt/ZwDAakqbMz3Lnn7cAWFJJx:WA+jxJIfMKmLOIt/yDh7MbLnnXWFl
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1