General

  • Target

    6c977bd1ab9bec11d1f08ff70286832e3e91a291c863e335735c9dcdcc820c0c

  • Size

    1.8MB

  • Sample

    250115-1pasgawley

  • MD5

    773321dec8ad984c7efb32171df2f45b

  • SHA1

    4b2a0f47f2d429550fe2e24a8dc3a692b6ed7e6c

  • SHA256

    6c977bd1ab9bec11d1f08ff70286832e3e91a291c863e335735c9dcdcc820c0c

  • SHA512

    daf7022714a2b19ae89ed33f378c110e3c53d68540272eed15b6c3c70d9552a013f68e11ecffffdea6e36a8e3845eb400ee746f851f87ea1f74b72e30c11eba3

  • SSDEEP

    49152:ex5SUW/cxUitIGLsF0nb+tJVYleAMz77+WAykQ/qoLEw:evbjVkjjCAzJ5qo4w

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks