General
-
Target
e37568e3834062ec7cb29c6640cd2105683e32046af8b0003c0b3b3193cd85f2
-
Size
4.5MB
-
Sample
221124-wf2sdaae35
-
MD5
5da4722f7eb33f879d25cbdc9899e602
-
SHA1
dd414c44bc1f3075e7b1e4876bee8961fa706815
-
SHA256
e37568e3834062ec7cb29c6640cd2105683e32046af8b0003c0b3b3193cd85f2
-
SHA512
6bc7101817ad74cbb9c5fd0e912676489a4884d8aa4b2e9f86c352bc37865e4aa251a6050c79aa112c7ab28959975c4124db8c547ba03c06a58e5903c801a525
-
SSDEEP
49152:gYaKK5JkqteDSEnaxup4KHPXOjKzuFYdk8OCrZguQkjSlM/Zf0weeDNxdl:VOJkv2ExfOjK9kHWZgyj8MNtLNxd
Malware Config
Targets
-
-
Target
e37568e3834062ec7cb29c6640cd2105683e32046af8b0003c0b3b3193cd85f2
-
Size
4.5MB
-
MD5
5da4722f7eb33f879d25cbdc9899e602
-
SHA1
dd414c44bc1f3075e7b1e4876bee8961fa706815
-
SHA256
e37568e3834062ec7cb29c6640cd2105683e32046af8b0003c0b3b3193cd85f2
-
SHA512
6bc7101817ad74cbb9c5fd0e912676489a4884d8aa4b2e9f86c352bc37865e4aa251a6050c79aa112c7ab28959975c4124db8c547ba03c06a58e5903c801a525
-
SSDEEP
49152:gYaKK5JkqteDSEnaxup4KHPXOjKzuFYdk8OCrZguQkjSlM/Zf0weeDNxdl:VOJkv2ExfOjK9kHWZgyj8MNtLNxd
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-