General

  • Target

    c9aef4b067d0b3b141ca04e483911cb11b28be4f896267dfbf96bde78b6f64a1

  • Size

    5.7MB

  • Sample

    250630-zdvstsvny3

  • MD5

    d6e51457fc282a630ef17dc76fac2376

  • SHA1

    76971a091a167aef51e58a8d0410c42eeb38a618

  • SHA256

    c9aef4b067d0b3b141ca04e483911cb11b28be4f896267dfbf96bde78b6f64a1

  • SHA512

    26f63fdf2104f51f2bdfc4ecbd9d760e93f91869149e11ccb9e3580dac32f56107a9b90583da08f326955478645dc412c1b062b683ff109d8658b111b3870a03

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLW:CjJE

Targets

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks