General
-
Target
fef4dc75cff4ebd2678a4e1ab7705635accd605e8f1b4723761c238eeb48c91d
-
Size
2.5MB
-
Sample
221124-tv3xwaac7s
-
MD5
8d5f88e53569874630284d48be8ebb8a
-
SHA1
7c2d3cfbcb471f21c6a82be60c50dca1e0dd5d7d
-
SHA256
fef4dc75cff4ebd2678a4e1ab7705635accd605e8f1b4723761c238eeb48c91d
-
SHA512
94fc3d4d82f6649c40bc209af03a9baf6f59717a3dee74194fd2abfb93e99c8ae5abdf0cde91724184d656f2ed423c5ce553d3550dfdb159086f027682a1c67e
-
SSDEEP
49152:h1OstCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkP:h1OLly7kNfrNq4P
Malware Config
Targets
-
-
Target
fef4dc75cff4ebd2678a4e1ab7705635accd605e8f1b4723761c238eeb48c91d
-
Size
2.5MB
-
MD5
8d5f88e53569874630284d48be8ebb8a
-
SHA1
7c2d3cfbcb471f21c6a82be60c50dca1e0dd5d7d
-
SHA256
fef4dc75cff4ebd2678a4e1ab7705635accd605e8f1b4723761c238eeb48c91d
-
SHA512
94fc3d4d82f6649c40bc209af03a9baf6f59717a3dee74194fd2abfb93e99c8ae5abdf0cde91724184d656f2ed423c5ce553d3550dfdb159086f027682a1c67e
-
SSDEEP
49152:h1OstCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkP:h1OLly7kNfrNq4P
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-