General
-
Target
c80638141c3f1b9d62108c0670dbbf65900899f35e542f1b57708b7e12df2ff8
-
Size
2.5MB
-
Sample
221124-x4pcmadh54
-
MD5
35e71beae5ddcbfa0f24117453326d4a
-
SHA1
7572e2c926b1e823a94ec27c8e7910d6cfd75239
-
SHA256
c80638141c3f1b9d62108c0670dbbf65900899f35e542f1b57708b7e12df2ff8
-
SHA512
ab47c0387885f5d0224794b17147df941ed7f7ffddcba278b8f19e813569c56eb82b9edf815b0e922305b6b5607e695ca5044f3a38c84994a2770d3d73061c5a
-
SSDEEP
49152:h1OsF+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEe:h1ObQCjbKioVg3ArKh407
Malware Config
Targets
-
-
Target
c80638141c3f1b9d62108c0670dbbf65900899f35e542f1b57708b7e12df2ff8
-
Size
2.5MB
-
MD5
35e71beae5ddcbfa0f24117453326d4a
-
SHA1
7572e2c926b1e823a94ec27c8e7910d6cfd75239
-
SHA256
c80638141c3f1b9d62108c0670dbbf65900899f35e542f1b57708b7e12df2ff8
-
SHA512
ab47c0387885f5d0224794b17147df941ed7f7ffddcba278b8f19e813569c56eb82b9edf815b0e922305b6b5607e695ca5044f3a38c84994a2770d3d73061c5a
-
SSDEEP
49152:h1OsF+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEe:h1ObQCjbKioVg3ArKh407
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-