General

  • Target

    69e81eb9d402dadbb0859698ecd6a64e66ced6ee2e4151426f17965e9b9d55eaN.exe

  • Size

    2.6MB

  • Sample

    250119-yxpkgstmct

  • MD5

    a3176a8db518e0ff5d88dcdbcc1d8cd0

  • SHA1

    e2409f2d66ca21062cffd7c7b6750ea60898aaa8

  • SHA256

    69e81eb9d402dadbb0859698ecd6a64e66ced6ee2e4151426f17965e9b9d55ea

  • SHA512

    ea4f6746c0f4f8cea4a8e86f670d1a6368260b4861ef7eed5f75952a92dc68100656e0d415e67463191531bcdd83868312020b108f669ab4273b0eeb5d70cb89

  • SSDEEP

    49152:sxX7665YxRVplZzSKntlGIiT+HvRdpcAHSjpjK3LB9B/bSq:sxX7QnxrloE5dpUpSbV

Targets

    • Target

      69e81eb9d402dadbb0859698ecd6a64e66ced6ee2e4151426f17965e9b9d55eaN.exe

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15