General

  • Target

    2025-07-04_8c2640bf197e5e3aec052b614003c042_mespinoza

  • Size

    7.0MB

  • Sample

    250704-nt7xjsssgw

  • MD5

    8c2640bf197e5e3aec052b614003c042

  • SHA1

    d3edfbf6d9c1d35abccd3b8efcfb94156ea213da

  • SHA256

    afa9d446df66cc03f3b1664c4944f702a30018a367b6830d6504b8513971bd03

  • SHA512

    c8bcf93f7bbcb31440e2d1b64b6363fb1b0958513980ee9a4c94754cb7cf42f483f5221619aee26e8bd3bdc79099779b00fe2d339512617b17bd4ef081007d0a

  • SSDEEP

    49152:QtEeRHiir8tpQs6gYnQkEntLUS+oImtITVoClHenizuTayvFIZT0g7lG9yQpZVFE:EairfQdZUSIoC5j4IZE9paZTO7Ws

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks