General

  • Target

    5e9e002109c451eef8ed25e9f3eae5f242a5999be2ee54ddab8d986bd6b0b99fN.exe

  • Size

    2.6MB

  • Sample

    250115-1rnr4swmd1

  • MD5

    13ba0130bf998d906b6157ca1b317710

  • SHA1

    d276c26cefb28f364e6313f195b4a66d3d7d660c

  • SHA256

    5e9e002109c451eef8ed25e9f3eae5f242a5999be2ee54ddab8d986bd6b0b99f

  • SHA512

    3e410db289e150a59b1d862b106f0442f47c262293c7b7f6935e53aa82281892885ea6ede6956cb26e382fd2d7e86970abfcb3fe4fbf779445b0eb577cee9fbe

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBgB/bSq:sxX7QnxrloE5dpUpPbV

Malware Config

Targets

    • Target

      5e9e002109c451eef8ed25e9f3eae5f242a5999be2ee54ddab8d986bd6b0b99fN.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks