General
-
Target
c6e4e92323bf7de8c122241820f20e3d4269f63701aae8e9d170c6df872fbc87
-
Size
2.5MB
-
Sample
221124-x63ysshb4s
-
MD5
b9b63aa08fe4ef24621f2a893a51f6bd
-
SHA1
414e90ef721ef1a18b509273d174230e670e7ffc
-
SHA256
c6e4e92323bf7de8c122241820f20e3d4269f63701aae8e9d170c6df872fbc87
-
SHA512
2065c1d84eb64886b40b1f490db57f030e0ff038b189bc68b32e2708f515b4df7e2b96752744136e115c037dbfb8b4e20fd98cfd18180f1a303bbbe5cec49ccb
-
SSDEEP
49152:h1OsmPHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Ht:h1OBHVl71RnFXINxvO
Malware Config
Targets
-
-
Target
c6e4e92323bf7de8c122241820f20e3d4269f63701aae8e9d170c6df872fbc87
-
Size
2.5MB
-
MD5
b9b63aa08fe4ef24621f2a893a51f6bd
-
SHA1
414e90ef721ef1a18b509273d174230e670e7ffc
-
SHA256
c6e4e92323bf7de8c122241820f20e3d4269f63701aae8e9d170c6df872fbc87
-
SHA512
2065c1d84eb64886b40b1f490db57f030e0ff038b189bc68b32e2708f515b4df7e2b96752744136e115c037dbfb8b4e20fd98cfd18180f1a303bbbe5cec49ccb
-
SSDEEP
49152:h1OsmPHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Ht:h1OBHVl71RnFXINxvO
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-