General

  • Target

    9b0747388e1d9be5fde448f01bdaead14621afd1669dda3fd064b0c63d227ae9

  • Size

    3.5MB

  • Sample

    250701-gs5bpssnz4

  • MD5

    2a711e398deea55e6313a0728696fcd3

  • SHA1

    ddf72a74fa5515d9cee37fa9dc31b435ec7b8f45

  • SHA256

    9b0747388e1d9be5fde448f01bdaead14621afd1669dda3fd064b0c63d227ae9

  • SHA512

    dee002373f32ae542f4d6afafb5493c3e830bbd3ed89e34ae5590ecd51af647457af136470db711a3ebf4ea0d9b273805ec428dc9cefe09bbc4f1371cf58d77b

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLA:CjJa
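
Two checks a practitioner would run against the identifiers above, as an added example (this is not part of the sandbox report): verifying a file on hand against the listed MD5/SHA1/SHA256/SHA512 values, and inspecting the SSDEEP signature. In an ssdeep signature each character summarises one piece of the file, so the long run of a single `L` in the first chunk means most of this 3.5MB sample consists of repeated content (typically padding added to inflate the file), and fuzzy-hash similarity against it will be driven by that filler rather than by the code. The function names are my own; the hash and ssdeep values are copied from the report.

```python
import hashlib
import re

# Hash IOCs copied from the report above.
REPORT_IOCS = {
    "md5": "2a711e398deea55e6313a0728696fcd3",
    "sha1": "ddf72a74fa5515d9cee37fa9dc31b435ec7b8f45",
    "sha256": "9b0747388e1d9be5fde448f01bdaead14621afd1669dda3fd064b0c63d227ae9",
    "sha512": "dee002373f32ae542f4d6afafb5493c3e830bbd3ed89e34ae5590ecd51af647457af136470db711a3ebf4ea0d9b273805ec428dc9cefe09bbc4f1371cf58d77b",
}
# SSDEEP signature copied from the report: blocksize:chunk1:chunk2.
REPORT_SSDEEP = "98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLA:CjJa"

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_bytes(data: bytes) -> dict:
    """Return hex digests of in-memory data for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Hash a file on disk in chunks so large samples do not need to fit in memory."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def matching_algorithms(hashes: dict, iocs: dict) -> list:
    """Names of the algorithms whose digest equals the reported IOC (case-insensitive)."""
    return sorted(name for name in iocs if hashes.get(name, "").lower() == iocs[name].lower())


# ssdeep signature grammar: decimal block size, then two base64 chunk strings.
SSDEEP_RE = re.compile(r"^(\d+):([A-Za-z0-9+/]*):([A-Za-z0-9+/]*)$")


def parse_ssdeep(sig: str):
    """Split an ssdeep signature into (blocksize, chunk1, chunk2)."""
    m = SSDEEP_RE.match(sig)
    if not m:
        raise ValueError("not an ssdeep signature: %r" % sig)
    return int(m.group(1)), m.group(2), m.group(3)


def longest_run(s: str):
    """Return (character, length) of the longest run of one repeated character in s."""
    best_char, best_len, i = "", 0, 0
    while i < len(s):
        j = i
        while j < len(s) and s[j] == s[i]:
            j += 1
        if j - i > best_len:
            best_char, best_len = s[i], j - i
        i = j
    return best_char, best_len


def ssdeep_repetition_ratio(sig: str) -> float:
    """Fraction of the first chunk taken up by its longest single-character run.

    Each signature character summarises one piece of the input, so a ratio near
    1.0 means the pieces were near-identical: the file is mostly repetitive filler
    and fuzzy-hash matches against it say little about the real payload.
    """
    _, chunk1, _ = parse_ssdeep(sig)
    if not chunk1:
        return 0.0
    _, run = longest_run(chunk1)
    return run / len(chunk1)


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, "matches:", matching_algorithms(hash_file(path), REPORT_IOCS))
    bs, chunk1, chunk2 = parse_ssdeep(REPORT_SSDEEP)
    print("ssdeep blocksize", bs, "longest run", longest_run(chunk1),
          "repetition ratio %.2f" % ssdeep_repetition_ratio(REPORT_SSDEEP))
```

Run it with one or more file paths to compare them against the report's hashes; with no arguments it only analyses the SSDEEP signature. A repetition ratio this high is a hint to look at the non-filler tail of the file (for example by stripping the padding before further static analysis) rather than trusting similarity scores.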

Malware Config

Targets

    • Target

      9b0747388e1d9be5fde448f01bdaead14621afd1669dda3fd064b0c63d227ae9

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
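
The four behaviours listed for this target can be reproduced as simple detection rules over a file-activity trace. The following is an added example (not the sandbox's own signature logic) that runs those rules over a constructed set of events in a hypothetical `operation<TAB>path` export format; the user name, profile id and `update.exe` file name are invented for illustration. The browser artefact names (Chrome's `Login Data`, `Cookies`, `Web Data`; Firefox's `logins.json`, `key4.db`, `cookies.sqlite`) and the Startup folder path are the real Windows locations.

```python
import re
from collections import defaultdict

# Constructed sample trace (not from the report): one "operation<TAB>path" per line.
SAMPLE_EVENTS = (
    "CreateFile\tC:\\Users\\victim\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\update.exe\n"
    "ProcessCreate\tC:\\Users\\victim\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\update.exe\n"
    "ReadFile\tC:\\Users\\victim\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data\n"
    "ReadFile\tC:\\Users\\victim\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\abcd1234.default-release\\logins.json\n"
    "QueryDirectory\tD:\\\n"
    "QueryDirectory\tE:\\\n"
    "QueryDirectory\tC:\\\n"
    "ReadFile\tC:\\Windows\\System32\\kernel32.dll\n"
)

# Per-user Startup folder: anything written here runs at logon.
STARTUP_DIR = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)
# Files inside browser profiles that hold credentials, cookies and autofill data.
BROWSER_PROFILE = re.compile(
    r"\\(Google\\Chrome\\User Data\\.*\\(Login Data|Cookies|Web Data)"
    r"|Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite))$",
    re.IGNORECASE,
)
# A bare drive root such as "D:\" (the signature excludes the default C: drive).
DRIVE_ROOT = re.compile(r"^([A-Za-z]):\\$")

WRITE_OPS = {"CreateFile", "WriteFile"}


def parse_events(text: str):
    """Yield (operation, path) tuples from the tab-separated trace, skipping blank lines."""
    for line in text.splitlines():
        if not line.strip():
            continue
        op, path = line.split("\t", 1)
        yield op, path


def classify_events(text: str) -> dict:
    """Map each triggered signature name (as worded in the report) to the paths that fired it."""
    hits = defaultdict(list)
    dropped = set()  # paths this process wrote, lower-cased for case-insensitive matching
    for op, path in parse_events(text):
        if op in WRITE_OPS:
            dropped.add(path.lower())
            if STARTUP_DIR.search(path):
                hits["Drops startup file"].append(path)
        # Executing a file the process itself wrote earlier in the trace.
        if op == "ProcessCreate" and path.lower().endswith(".exe") and path.lower() in dropped:
            hits["Executes dropped EXE"].append(path)
        if op == "ReadFile" and BROWSER_PROFILE.search(path):
            hits["Reads user/profile data of web browsers"].append(path)
        m = DRIVE_ROOT.match(path)
        if m and m.group(1).upper() != "C":
            hits["Enumerates connected drives"].append(path)
    return dict(hits)


if __name__ == "__main__":
    for signature, paths in classify_events(SAMPLE_EVENTS).items():
        print(signature)
        for p in paths:
            print("   ", p)
```

The "Executes dropped EXE" rule is stateful on purpose: it only fires for an executable the same trace shows being written first, which is what separates a dropper from a benign process that merely launches something already on disk.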

MITRE ATT&CK Enterprise v16

Tasks