General

  • Target

    ae6029d89a81005143e1687ca367b4ef5e4087930a007e77c059b98b3e1a959d

  • Size

    1.4MB

  • Sample

    250704-x272ysxrz6

  • MD5

    e21046b50d25ecc2248564f8484e08d8

  • SHA1

    fff764ccb5a0bbf6da184d88a70b506ab9bad7dd

  • SHA256

    ae6029d89a81005143e1687ca367b4ef5e4087930a007e77c059b98b3e1a959d

  • SHA512

    5c737cc0dcb8764ae1ae7ed6eceecdb04bb49b9ff62e58f2661e171c3cd1bbca9c59e4fc331c7f0a47b9104c63b054d704ed28662399cb24f10fbd1571f32457

  • SSDEEP

    24576:SlYNkj8uASjhSpfsbw7CikNdEc1WsmwSJmJiopFdC6I3cKVAvPhScZii:rNkQuNhi2mBsm/6i6SYKVAvgcsi

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive information.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
