General
-
Target
fbe38f0e1eebf9c2b571a9b195a07fe7013e9391bff722dbfb3b6568e22fd515
-
Size
2.5MB
-
Sample
221124-t2nrjafd74
-
MD5
b9107a0a5cecd401db7e0a07ff8beb70
-
SHA1
faefd57b99aa7f518be5600e158c0d887004f148
-
SHA256
fbe38f0e1eebf9c2b571a9b195a07fe7013e9391bff722dbfb3b6568e22fd515
-
SHA512
844edce4c0ae9713a6f4d858e9483b373076f90114cfbc7feadc00acf4d15175bfdf018ccb3affa6aee52a3c796ea3b84c315048eb4655953f1f9e6fd4cc88f7
-
SSDEEP
49152:h1Os0PHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Hu:h1OLHVl71RnFXINxvJ
Malware Config
Targets
-
-
Target
fbe38f0e1eebf9c2b571a9b195a07fe7013e9391bff722dbfb3b6568e22fd515
-
Size
2.5MB
-
MD5
b9107a0a5cecd401db7e0a07ff8beb70
-
SHA1
faefd57b99aa7f518be5600e158c0d887004f148
-
SHA256
fbe38f0e1eebf9c2b571a9b195a07fe7013e9391bff722dbfb3b6568e22fd515
-
SHA512
844edce4c0ae9713a6f4d858e9483b373076f90114cfbc7feadc00acf4d15175bfdf018ccb3affa6aee52a3c796ea3b84c315048eb4655953f1f9e6fd4cc88f7
-
SSDEEP
49152:h1Os0PHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Hu:h1OLHVl71RnFXINxvJ
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-