General
-
Target
0dc82bec5cae5f8333706ca66025d04925d8744e9c581bce84bfefd918239f01
-
Size
255KB
-
Sample
220529-trqs5sbdfl
-
MD5
370ca675f9b98f917c8118a599f95fec
-
SHA1
67171e70cdfefe92bd02e309e003de4af67c5738
-
SHA256
0dc82bec5cae5f8333706ca66025d04925d8744e9c581bce84bfefd918239f01
-
SHA512
33b021805d2555123cc27bcfcec5310f6dfd682e6d1e0925782753df8bb611fe5f1a2fd22c1d49e0daae7126957fd5d84e000b9e7a1e7fd860cb2bf3c5f8b31a
Malware Config
Targets
-
-
Target
0dc82bec5cae5f8333706ca66025d04925d8744e9c581bce84bfefd918239f01
-
Size
255KB
-
MD5
370ca675f9b98f917c8118a599f95fec
-
SHA1
67171e70cdfefe92bd02e309e003de4af67c5738
-
SHA256
0dc82bec5cae5f8333706ca66025d04925d8744e9c581bce84bfefd918239f01
-
SHA512
33b021805d2555123cc27bcfcec5310f6dfd682e6d1e0925782753df8bb611fe5f1a2fd22c1d49e0daae7126957fd5d84e000b9e7a1e7fd860cb2bf3c5f8b31a
Score9/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-