General

  • Target

    84ea1e1af2f955c1b2ccea257aa42eb0842d7528ee4f30f8c621a82f6759a31f.exe

  • Size

    2.6MB

  • Sample

    250119-qaeg1aylbt

  • MD5

    e232c12aa7e0e6c37a83b338e2462aa1

  • SHA1

    217e4b87549b09d24a0aa78ad4f7d4e25b312552

  • SHA256

    84ea1e1af2f955c1b2ccea257aa42eb0842d7528ee4f30f8c621a82f6759a31f

  • SHA512

    25f0473064430299562e9d3cbde8df0db08f472f1c5559d1808d84700a42c9342907a40557fb4a959400b4776dfbcd80ed41a4fdf90c6c2cd09d649d808156bd

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LBgB/bSqy:sxX7QnxrloE5dpUpLbVy

Malware Config

Targets

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks