General
-
Target
f9df2480a4770bdb622920932ba6f9d1a1ecec505388beebfc22848ebe6b0be3
-
Size
2.5MB
-
Sample
221124-t6bb1aff76
-
MD5
b312ce05ab061f2c3b5822d78cde8b5c
-
SHA1
1c8bd7485e9a2038d4acf760f681f4bbcba11d74
-
SHA256
f9df2480a4770bdb622920932ba6f9d1a1ecec505388beebfc22848ebe6b0be3
-
SHA512
17eedafb9658343d7969ee0b1e3cddbafe9f286241304dbb418cfed60edaaf7e9dda34ed2e887b207a53868ebdf9c948934b5edafb0de2ac95c7c10b07cb3fb9
-
SSDEEP
49152:h1OspCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkU:h1ONly7kNfrNq4U
Malware Config
Targets
-
-
Target
f9df2480a4770bdb622920932ba6f9d1a1ecec505388beebfc22848ebe6b0be3
-
Size
2.5MB
-
MD5
b312ce05ab061f2c3b5822d78cde8b5c
-
SHA1
1c8bd7485e9a2038d4acf760f681f4bbcba11d74
-
SHA256
f9df2480a4770bdb622920932ba6f9d1a1ecec505388beebfc22848ebe6b0be3
-
SHA512
17eedafb9658343d7969ee0b1e3cddbafe9f286241304dbb418cfed60edaaf7e9dda34ed2e887b207a53868ebdf9c948934b5edafb0de2ac95c7c10b07cb3fb9
-
SSDEEP
49152:h1OspCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkU:h1ONly7kNfrNq4U
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-