Resubmissions

03/07/2025, 08:15

250703-j5w7zavyg1 7

01/07/2025, 08:35

250701-kg7jgatmw2 7

General

  • Target

    C04E70613FCF916E27BD653F38149F71

  • Size

    5.8MB

  • Sample

    250703-j5w7zavyg1

  • MD5

    c04e70613fcf916e27bd653f38149f71

  • SHA1

    eeaff4b80680c7046898363db92cfa5b7d795275

  • SHA256

    9cd25d03ee9d4d988e553f5c106460dd4020948254e46c25770e31bd1380e9c9

  • SHA512

    8d353b8c3bd77f52c69fc6742e81fdcf79ad4c6e14fe3bfa97ab42bf84d3ebf3eb2239371aca59766ead9db7140f5e4e406fbfa028327460713356a0aa62d517

  • SSDEEP

    49152:Ls1MhZwDwVkd9WEfhhRHfwtnKcZZ45JFcQSmsAMb6WWB+j8UG0wKeK9KE2fA5E:L4/wx+5PMbNhDbE

Malware Config

Targets

    • Target

      C04E70613FCF916E27BD653F38149F71

    • Size

      5.8MB

    • MD5

      c04e70613fcf916e27bd653f38149f71

    • SHA1

      eeaff4b80680c7046898363db92cfa5b7d795275

    • SHA256

      9cd25d03ee9d4d988e553f5c106460dd4020948254e46c25770e31bd1380e9c9

    • SHA512

      8d353b8c3bd77f52c69fc6742e81fdcf79ad4c6e14fe3bfa97ab42bf84d3ebf3eb2239371aca59766ead9db7140f5e4e406fbfa028327460713356a0aa62d517

    • SSDEEP

      49152:Ls1MhZwDwVkd9WEfhhRHfwtnKcZZ45JFcQSmsAMb6WWB+j8UG0wKeK9KE2fA5E:L4/wx+5PMbNhDbE

    • Checks computer location settings

Looks up the country code configured in the registry, most likely a geofence check used to skip execution in certain regions.

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

Infostealers routinely target stored browser profile data, which can include saved credentials.

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v16

Tasks