General
-
Target
f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879
-
Size
2.5MB
-
Sample
221124-t58wwaff72
-
MD5
d6b826bf9c31ce5f72cc231761fcd315
-
SHA1
846b3fd6bf67763d9c4605e3cc847312fe7cfcca
-
SHA256
f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879
-
SHA512
325f4b8cc12117a5d8a3c9e85fa6dc00d602de5caf9a18fd27cdb608d3ec9a803010017707c31d8b6dd85399aee2e10b873b2021b932e423e961ecf60eafec90
-
SSDEEP
49152:h1OsQ+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEd:h1OWQCjbKioVg3ArKh40U
Malware Config
Targets
-
-
Target
f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879
-
Size
2.5MB
-
MD5
d6b826bf9c31ce5f72cc231761fcd315
-
SHA1
846b3fd6bf67763d9c4605e3cc847312fe7cfcca
-
SHA256
f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879
-
SHA512
325f4b8cc12117a5d8a3c9e85fa6dc00d602de5caf9a18fd27cdb608d3ec9a803010017707c31d8b6dd85399aee2e10b873b2021b932e423e961ecf60eafec90
-
SSDEEP
49152:h1OsQ+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEd:h1OWQCjbKioVg3ArKh40U
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-