General

  • Target

    ca1a7db92989e54b6e12730f24667dcf185369709d20fd4cc67582e6dc60a1c5

  • Size

    33KB

  • Sample

    250704-npklfs11hw

  • MD5

    2c2b42204bea1987fa9f5a350c273c11

  • SHA1

    ff3011027910ac442290fe49be1ff58b5d43732e

  • SHA256

    ca1a7db92989e54b6e12730f24667dcf185369709d20fd4cc67582e6dc60a1c5

  • SHA512

    4b01a195564d4b18ff10a1b7b163ca8700b7fd0e498935d22e66422df76e54227c50837ee61581dab9965966b27dcab40addeb8b305b83c21a175823714bce5a

  • SSDEEP

    768:HDmNaka75ElOIEvzMXqtwp/lttaL7HP4tD2ZZqOpg22HE:HDYaT75aYzMXqtGNttyitOpg22

Malware Config

Targets

    • Target

      ca1a7db92989e54b6e12730f24667dcf185369709d20fd4cc67582e6dc60a1c5

    • Size

      33KB

    • MD5

      2c2b42204bea1987fa9f5a350c273c11

    • SHA1

      ff3011027910ac442290fe49be1ff58b5d43732e

    • SHA256

      ca1a7db92989e54b6e12730f24667dcf185369709d20fd4cc67582e6dc60a1c5

    • SHA512

      4b01a195564d4b18ff10a1b7b163ca8700b7fd0e498935d22e66422df76e54227c50837ee61581dab9965966b27dcab40addeb8b305b83c21a175823714bce5a

    • SSDEEP

      768:HDmNaka75ElOIEvzMXqtwp/lttaL7HP4tD2ZZqOpg22HE:HDYaT75aYzMXqtGNttyitOpg22

    • Drops file in Drivers directory

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v16

Tasks