Resubmissions

19/01/2025, 11:25

250119-nja5tsvnaz 8

19/01/2025, 11:23

250119-nhgk8avmhs 8

General

  • Target

    Atlantis.zip

  • Size

    16.0MB

  • Sample

    250119-nhgk8avmhs

  • MD5

    354e9e3fad148d4027299d71752c4969

  • SHA1

    640c08111d64164371316bedc51b681df50ff51e

  • SHA256

    a21314cca1ef2f11d6fb76f23c82a23547111e683e2434ccaf904f3ad4c039bc

  • SHA512

    0bb261ea33ac5e765df5870e87c8e0a054424dfe49ea977037ec5c03a96012ea1bf9076083b961d46e8d2b9c3825edd58e0978e62a9da9a75f48ef4b435be0da

  • SSDEEP

    393216:iHiM4pvedL2W7OXk28MEFc5qjC+rfS4cAa7h94RIkqnsh5B4L:iC3edyWfOqpwXyxqw5BE

Malware Config

Targets

    • Target

      Atlantis.exe

    • Size

      35.8MB

    • MD5

      c7f6c098b741f676772a0bbd725c5366

    • SHA1

      f31e97472619257628846ddccba94fecab421a87

    • SHA256

      810e8afd544e0fe3e6cf757f8280909e36de89a69edc613976109172d2091518

    • SHA512

      a34cc1888c6007e210c3840e66e8444785d6b420d82e54b1ac23ce586843d33aaa520a39fbce14a68128826b8d9531d6398c7fa11dfd22efcfbc5b006c7f3067

    • SSDEEP

      393216:qQgHDlanaGBXvDKtz+bhPWES4tiNQPNrIKc4gaPbUAgrO4mgz96l+ZArYsFRlIV2:q3on1HvSzxAMNzFZArYswVm/Wy7

    • Uses browser remote debugging

      Can be used to control the browser and steal sensitive information such as credentials and session cookies.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

MITRE ATT&CK Enterprise v15

Tasks