General
-
Target
fed5a9b32658a67236c240ba06fd00a7a326ffa6080627d7db546328ac26a1cf
-
Size
2.5MB
-
Sample
221124-twddlsfa75
-
MD5
ba08128a08b3caff3a5fbb379535a714
-
SHA1
f44473883a58a0867a4fc85465944a5842e9db0a
-
SHA256
fed5a9b32658a67236c240ba06fd00a7a326ffa6080627d7db546328ac26a1cf
-
SHA512
bcc6196975e2537cfa0571bd218c20ec874e6acddb27aba175a2c364f5cc6407be458d9991d6319948352b2617f3c17ace17392866ae73545c309b00d3915ad9
-
SSDEEP
49152:h1OsJsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwZ:h1OAH0eNGunkt3+1z3p6iVCI
Malware Config
Targets
-
-
Target
fed5a9b32658a67236c240ba06fd00a7a326ffa6080627d7db546328ac26a1cf
-
Size
2.5MB
-
MD5
ba08128a08b3caff3a5fbb379535a714
-
SHA1
f44473883a58a0867a4fc85465944a5842e9db0a
-
SHA256
fed5a9b32658a67236c240ba06fd00a7a326ffa6080627d7db546328ac26a1cf
-
SHA512
bcc6196975e2537cfa0571bd218c20ec874e6acddb27aba175a2c364f5cc6407be458d9991d6319948352b2617f3c17ace17392866ae73545c309b00d3915ad9
-
SSDEEP
49152:h1OsJsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwZ:h1OAH0eNGunkt3+1z3p6iVCI
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-