General

  • Target

    3fab650f79bea848c51c9359069c2d989d22c0ea1c880710142a32b788899ecd

  • Size

    4.7MB

  • Sample

    250704-npwnqassat

  • MD5

    f504cf92e012763435765c3759bb2f9b

  • SHA1

    f5589d08d19db3e39a772cb6dd5304eb81dd20b5

  • SHA256

    3fab650f79bea848c51c9359069c2d989d22c0ea1c880710142a32b788899ecd

  • SHA512

    216957080cccfd559762a43b8fdc22dc1adc1e753647104bb2522077a34dba94ab8e3d4fae8e4fbd66f28d449bd8472eed5bd797d4b9d2f621935b0d98504cfc

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLB:CjJz

Targets

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
