General

  • Target

    Client-built.exe

  • Size

    1.6MB

  • Sample

    250515-n5xwqawwev

  • MD5

    6643c12cc255ee6c2384036049f71565

  • SHA1

    7fee1a0322b0026e35254719c0d9ef80c03f4c42

  • SHA256

    53b837c64a4f8841bba0ec5d7699676ed92291a0a87bdbee2755b24f12bb5e3e

  • SHA512

    5d490dddf3c57173446a4f3e4730bf656fa98fc39db6517a747f1dffec08fde03bb5082ffa4d4abc57e5141dd446d80be856b9cfbd5468d9bc8b85b16831402f

  • SSDEEP

    24576:84uihqSkEWfRWYqpTp6X37ctko5C0Zww7DyCcsfmTuiNpY69945MoQ/npYcgB:8ihmPWlUbo5xyw7FtmTzpPGSY

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v16

Tasks