General

  • Target

    c6610d35905d5dd247f7a8287b5dbd0c2418367703c6704619fcb0ca85e5218c

  • Size

    4.4MB

  • Sample

    250704-plgwtstj12

  • MD5

    31f2e54ae283a2dc229a5e49289be422

  • SHA1

    8cfdaa52905f5ec3411697359b2b0670d39de7a3

  • SHA256

    c6610d35905d5dd247f7a8287b5dbd0c2418367703c6704619fcb0ca85e5218c

  • SHA512

    7a3b8bd225761bb2d8b6a1b001ebf80366144e2fe2e397bbd3427f2949a60c830d070fcca6ed59f10ce89f5fcf6e100e42502fb8cd5bc6e2fe3fd0931355094c

  • SSDEEP

    98304:iLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL0:CjJ6

Targets

    • Target

      c6610d35905d5dd247f7a8287b5dbd0c2418367703c6704619fcb0ca85e5218c

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
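The four signatures above are behavioural, so the practical question for a defender is how to recover them from raw telemetry. The following Python is an added example, not part of the report and not the sandbox's own detection logic: it walks a constructed, Sysmon-like event trace (hypothetical PIDs and paths, labelled as such in the code) and maps the events onto the same four signature names. The Startup folder and browser profile locations are standard Windows paths; the event record shape is an assumption.

```python
"""Map raw sandbox/EDR events onto the four behaviour signatures in the report.

Added example with a constructed trace; the event shape is an assumption,
not the format of any particular sandbox.
"""
import re
from collections import defaultdict

# Constructed sample trace (hypothetical PIDs and paths, not data from the report).
# Note: a raw string cannot end in a backslash, so drive roots are written "D:\\".
EVENTS = [
    {"type": "file_create", "pid": 4100,
     "path": r"C:\Users\victim\AppData\Local\Temp\svc_update.exe"},
    {"type": "file_create", "pid": 4100,
     "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svc_update.lnk"},
    {"type": "process_create", "pid": 4312, "ppid": 4100,
     "image": r"C:\Users\victim\AppData\Local\Temp\svc_update.exe"},
    {"type": "file_open", "pid": 4312,
     "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"type": "file_open", "pid": 4312,
     "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abc123.default-release\logins.json"},
    {"type": "file_open", "pid": 4312, "path": r"C:\Windows\System32\kernel32.dll"},
    {"type": "dir_query", "pid": 4312, "path": "C:\\"},
    {"type": "dir_query", "pid": 4312, "path": "D:\\"},
    {"type": "dir_query", "pid": 4312, "path": "E:\\"},
]

# Per-user Startup folder: anything written here runs at next logon.
STARTUP_RE = re.compile(r"\\Start Menu\\Programs\\Startup\\", re.IGNORECASE)

# Browser profile directories (Chromium-based and Firefox) and the files
# inside them that hold credentials, cookies and autofill data.
BROWSER_PROFILE_RE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)
BROWSER_FILE_RE = re.compile(
    r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db|cookies\.sqlite)$",
    re.IGNORECASE,
)

# A bare drive root other than C:, e.g. "D:" or "E:\" (matches the report's
# description: root paths of drives other than the default C: drive).
NON_C_ROOT_RE = re.compile(r"^(?!C:)[A-Z]:\\?$", re.IGNORECASE)


def match_signatures(events):
    """Return {signature_name: [supporting paths]} for the behaviours seen."""
    hits = defaultdict(list)
    dropped = set()  # paths created during the trace, for "Executes dropped EXE"

    for ev in events:
        kind = ev["type"]
        if kind == "file_create":
            dropped.add(ev["path"].lower())
            if STARTUP_RE.search(ev["path"]):
                hits["Drops startup file"].append(ev["path"])
        elif kind == "process_create":
            # The image launched is a file written earlier in this same trace.
            if ev["image"].lower() in dropped:
                hits["Executes dropped EXE"].append(ev["image"])
        elif kind == "file_open":
            path = ev["path"]
            if BROWSER_PROFILE_RE.search(path) and BROWSER_FILE_RE.search(path):
                hits["Reads user/profile data of web browsers"].append(path)
        elif kind == "dir_query":
            if NON_C_ROOT_RE.match(ev["path"].strip()):
                hits["Enumerates connected drives"].append(ev["path"])

    return dict(hits)


if __name__ == "__main__":
    for name, evidence in match_signatures(EVENTS).items():
        print(f"{name}:")
        for item in evidence:
            print(f"    {item}")
```

The drive check deliberately ignores `C:\` so that ordinary system activity does not trigger it, and the browser check requires both a profile directory and a credential-bearing file name, which keeps a simple read of a browser's own DLLs from counting as a hit.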

MITRE ATT&CK Enterprise v16