General

  • Target

    98e8db35110a916071d3dc9bd310de04035802099c0ceb4bae90c3b957338bbf

  • Size

    6.1MB

  • Sample

    250630-zdrfeagl51

  • MD5

    68a1101844c8a14ad2f7163980925622

  • SHA1

    2286d7228a10885f9ddf848a48b265a3403dc559

  • SHA256

    98e8db35110a916071d3dc9bd310de04035802099c0ceb4bae90c3b957338bbf

  • SHA512

    0b6e07315639d723743b3d08982d4b8baff8a40e6880943bb9208bc6a7ac06854e5a5bc4b4b10b8782d7b789c5731a74c44e93785a81cbeff99033f2b654c29c

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLq:0jJE

Malware Config

Targets

    • Target

      98e8db35110a916071d3dc9bd310de04035802099c0ceb4bae90c3b957338bbf

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks