General
-
Target
e6094a8906ffaca5b075f86ecd14f76ba4295317e9490b7a797f5468d3d4a0a3
-
Size
4.6MB
-
Sample
221124-warp8adc7s
-
MD5
951e6de1be2bef0cadf6a3df95b932b9
-
SHA1
7e61ee281db676a53d42c9c53040d27a502e2519
-
SHA256
e6094a8906ffaca5b075f86ecd14f76ba4295317e9490b7a797f5468d3d4a0a3
-
SHA512
37335cce656f65cd0b296cb8aad751020b863cc9317453e9d62f889354ebf4d3dd4a974327b6bbc4677da8d44f2ca87abc9e6666187e2481680d70fca8323cee
-
SSDEEP
49152:NheoGUjQAuwgnz0p+jGnLJLpg5A7LSfQFXj+prN8kGKwR2k9OIa8+8vM5XxO8aOP:cGgop+jktpg5A7NXj+prN5wb9vX+8vM
Malware Config
Targets
-
-
Target
e6094a8906ffaca5b075f86ecd14f76ba4295317e9490b7a797f5468d3d4a0a3
-
Size
4.6MB
-
MD5
951e6de1be2bef0cadf6a3df95b932b9
-
SHA1
7e61ee281db676a53d42c9c53040d27a502e2519
-
SHA256
e6094a8906ffaca5b075f86ecd14f76ba4295317e9490b7a797f5468d3d4a0a3
-
SHA512
37335cce656f65cd0b296cb8aad751020b863cc9317453e9d62f889354ebf4d3dd4a974327b6bbc4677da8d44f2ca87abc9e6666187e2481680d70fca8323cee
-
SSDEEP
49152:NheoGUjQAuwgnz0p+jGnLJLpg5A7LSfQFXj+prN8kGKwR2k9OIa8+8vM5XxO8aOP:cGgop+jktpg5A7NXj+prN5wb9vX+8vM
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-