General
-
Target
face5ab4daf474b83f09e98c2013ef88c351cb7aeb3c2f45005d0f25da3ad880
-
Size
2.5MB
-
Sample
221124-t4m8saag7y
-
MD5
fb9ed29acb28dbe0f2ad2422127a2186
-
SHA1
00de1180f862469afda29f388a916aee1b3a4f62
-
SHA256
face5ab4daf474b83f09e98c2013ef88c351cb7aeb3c2f45005d0f25da3ad880
-
SHA512
ecd2c123baeb1e1ed366ad0ff738287199ef1e21f8961de24f944f6353a7cdf00926889a7a8dcffadd673f495d6e277001c92ace8244488b3fc12000096dd45a
-
SSDEEP
49152:h1OsysNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUw1:h1OLH0eNGunkt3+1z3p6iVCg
Malware Config
Targets
-
-
Target
face5ab4daf474b83f09e98c2013ef88c351cb7aeb3c2f45005d0f25da3ad880
-
Size
2.5MB
-
MD5
fb9ed29acb28dbe0f2ad2422127a2186
-
SHA1
00de1180f862469afda29f388a916aee1b3a4f62
-
SHA256
face5ab4daf474b83f09e98c2013ef88c351cb7aeb3c2f45005d0f25da3ad880
-
SHA512
ecd2c123baeb1e1ed366ad0ff738287199ef1e21f8961de24f944f6353a7cdf00926889a7a8dcffadd673f495d6e277001c92ace8244488b3fc12000096dd45a
-
SSDEEP
49152:h1OsysNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUw1:h1OLH0eNGunkt3+1z3p6iVCg
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-