General

  • Target

    b1037ef57f702ed5d6449c1814c6bb2c2440e954cd444733986b74d772191f02

  • Size

    185KB

  • Sample

    250630-t31gqahm81

  • MD5

    18b6b867d460b7fca86cb68d74d1d802

  • SHA1

    22fc17efcec0c35b3a88fa21c49ae8b77400b7e0

  • SHA256

    b1037ef57f702ed5d6449c1814c6bb2c2440e954cd444733986b74d772191f02

  • SHA512

    19dc6e73fe992e8d772154fe28a9df311dab1043222b2042929a367f8b0cc5cbc1678c49043fc7f4514687beae804ba35735762033ef3b3d6814cd40815afe48

  • SSDEEP

    3072:SG1f9otlARYLJXJoYtpA/H3RpDecC+EZX70RjLTu46R0Eb:b11oTgYLjvqXRpDecw7Kj3u46db

Malware Config

Targets

    • Target

      b1037ef57f702ed5d6449c1814c6bb2c2440e954cd444733986b74d772191f02

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks