General

  • Target

    Setup-MeggerBook-3.3.0.exe

  • Size

    115.9MB

  • Sample

    250704-nss21assey

  • MD5

    612d0f92fe3eed02c4f51961842e4839

  • SHA1

    a7b369ec8873533ced1d61592f9bbf44ab8d2782

  • SHA256

    ab0c263bdf9464bc332bbe2fb5e2a700ddf4863b319257992705b08fe85f2a86

  • SHA512

    52b7b434ad0ef936a7b6b8cc4943361900ea27f1d9183b280d7ff3158bccb08b3e5cd09c990e1939d637d86e6932315723673b3d7bfce374114d4e29546de16f

  • SSDEEP

    3145728:aqiJ6OteMNPIu1ZXs4aLR5U41ytqhlJM7KoumKL:a7J6OtXx1ZpadRyUhlJVAU

Targets

    • Target

      Setup-MeggerBook-3.3.0.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
