General
-
Target
ff75f8abf56aaaf32e76b2f7d353a3a009487fe644be6c4c14a38bb7cd4b464d
-
Size
2.5MB
-
Sample
221124-tt83hafa23
-
MD5
9009e2df359d04c4786537d3773d3b91
-
SHA1
733e14a90b9f7d6311d6003504959bc3fe8b86e4
-
SHA256
ff75f8abf56aaaf32e76b2f7d353a3a009487fe644be6c4c14a38bb7cd4b464d
-
SHA512
778c0dd8183019be9f75bf1209a8a9e1a73508dfb38c012904f597d25e4e1398ea27569d6f87d2a053d7072f4fcbe604cf08c7e60ce988800d0c9a3a56ceda09
-
SSDEEP
49152:h1OsWIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfrg:h1OzIPtrkvlBCOHgBC0
Malware Config
Targets
-
-
Target
ff75f8abf56aaaf32e76b2f7d353a3a009487fe644be6c4c14a38bb7cd4b464d
-
Size
2.5MB
-
MD5
9009e2df359d04c4786537d3773d3b91
-
SHA1
733e14a90b9f7d6311d6003504959bc3fe8b86e4
-
SHA256
ff75f8abf56aaaf32e76b2f7d353a3a009487fe644be6c4c14a38bb7cd4b464d
-
SHA512
778c0dd8183019be9f75bf1209a8a9e1a73508dfb38c012904f597d25e4e1398ea27569d6f87d2a053d7072f4fcbe604cf08c7e60ce988800d0c9a3a56ceda09
-
SSDEEP
49152:h1OsWIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfrg:h1OzIPtrkvlBCOHgBC0
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-