General
-
Target
47cb54d161d463667ca59c79c96587638bb6c826b491a1f6561ae5ed282c2ff5
-
Size
2.0MB
-
Sample
221123-rrrdkahd23
-
MD5
47413aba6755df262c24219d5d81b48c
-
SHA1
fcf4349881d589f36c816818822fc77bb84d8ee4
-
SHA256
47cb54d161d463667ca59c79c96587638bb6c826b491a1f6561ae5ed282c2ff5
-
SHA512
9917d9b490b75128320b87f432a685103e5f94e58ab5bc151f2d8be8cd65baf47046f074f3b32d8d0f01cefedb36bc6712098226b07ed856e8475c97e5dd56e5
-
SSDEEP
49152:kkRyyoUjthDBcF8kkpH+poxXFXq4QzymQbW3:5vHV48rpH+pEI4SIW
Malware Config
Targets
-
-
Target
47cb54d161d463667ca59c79c96587638bb6c826b491a1f6561ae5ed282c2ff5
-
Size
2.0MB
-
MD5
47413aba6755df262c24219d5d81b48c
-
SHA1
fcf4349881d589f36c816818822fc77bb84d8ee4
-
SHA256
47cb54d161d463667ca59c79c96587638bb6c826b491a1f6561ae5ed282c2ff5
-
SHA512
9917d9b490b75128320b87f432a685103e5f94e58ab5bc151f2d8be8cd65baf47046f074f3b32d8d0f01cefedb36bc6712098226b07ed856e8475c97e5dd56e5
-
SSDEEP
49152:kkRyyoUjthDBcF8kkpH+poxXFXq4QzymQbW3:5vHV48rpH+pEI4SIW
Score8/10-
Executes dropped EXE
-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-