General
-
Target
OperaGXSetup.exe
-
Size
3.8MB
-
Sample
250204-aq1r6sylfx
-
MD5
5b8cb1947781b81771c8ccce8c2acf9c
-
SHA1
dac0a7b542a624c851bb182af26ad4540f9b3662
-
SHA256
26bb11eda4879dfcec579835c2e2a4240bd115415919d9934199be2d442bfc58
-
SHA512
70ace2d4fd39fa3923cca59f80a085025ad5c5477d873beef61036ee9590ac77a2a670d23cd149691b194e2b20f96661af8dd5d795a61bf9cfe31ff0c65d43c8
-
SSDEEP
98304:IA5YT8y844FnN4ChLeQEGfleiLdAXmjTjiMI:4T8y/IrBr5f3LU2ml
Malware Config
Targets
-
-
Target
OperaGXSetup.exe
-
Size
3.8MB
-
MD5
5b8cb1947781b81771c8ccce8c2acf9c
-
SHA1
dac0a7b542a624c851bb182af26ad4540f9b3662
-
SHA256
26bb11eda4879dfcec579835c2e2a4240bd115415919d9934199be2d442bfc58
-
SHA512
70ace2d4fd39fa3923cca59f80a085025ad5c5477d873beef61036ee9590ac77a2a670d23cd149691b194e2b20f96661af8dd5d795a61bf9cfe31ff0c65d43c8
-
SSDEEP
98304:IA5YT8y844FnN4ChLeQEGfleiLdAXmjTjiMI:4T8y/IrBr5f3LU2ml
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
1Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1