General
-
Target
9ce507fd5e992f768f48ae0b393bad18ebad5d63f92e6761c704e31f34f6e5fb
-
Size
4.5MB
-
Sample
221124-1h36fabc49
-
MD5
06195d930fbe9fa60e3da6804b52ad21
-
SHA1
90d2dc1476444a83026a666dc250a8601b632eae
-
SHA256
9ce507fd5e992f768f48ae0b393bad18ebad5d63f92e6761c704e31f34f6e5fb
-
SHA512
c84a59564febd69289f7ddbbf2c0fee6e690288730428aee58531a5ad09684129b9fcc35c1aedebd83a79b0c045b9a103dc1bfd938b40c4c5e4cec6ee60dd5a9
-
SSDEEP
49152:ylkQ3etW30mzG0Paxup4sa61dGKvghxfki1cc7SK8B+lyzEJ3ju4:kOtWrq0RGKcf7SKtYiTu
Malware Config
Targets
-
-
Target
9ce507fd5e992f768f48ae0b393bad18ebad5d63f92e6761c704e31f34f6e5fb
-
Size
4.5MB
-
MD5
06195d930fbe9fa60e3da6804b52ad21
-
SHA1
90d2dc1476444a83026a666dc250a8601b632eae
-
SHA256
9ce507fd5e992f768f48ae0b393bad18ebad5d63f92e6761c704e31f34f6e5fb
-
SHA512
c84a59564febd69289f7ddbbf2c0fee6e690288730428aee58531a5ad09684129b9fcc35c1aedebd83a79b0c045b9a103dc1bfd938b40c4c5e4cec6ee60dd5a9
-
SSDEEP
49152:ylkQ3etW30mzG0Paxup4sa61dGKvghxfki1cc7SK8B+lyzEJ3ju4:kOtWrq0RGKcf7SKtYiTu
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-