General
-
Target
c6b0d5b9cbd3d7add56c66f78c528ffcb503b4c97b480fb8716de25df1087b62
-
Size
2.5MB
-
Sample
221124-x7b7gahb5x
-
MD5
9e0ec9f4bf3944a5866244c1044fbb43
-
SHA1
a36f1eb0260df33db182dace8179e81dba8f687c
-
SHA256
c6b0d5b9cbd3d7add56c66f78c528ffcb503b4c97b480fb8716de25df1087b62
-
SHA512
61141b96988cf194c265162a70a3e921871fbc508049eac0a08b9c52dd415f1effefa777dbc8bf24c326bf11f411f3ee7b8c83f2e02970a4a716c26f7ee86af5
-
SSDEEP
49152:h1OsTCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkI:h1OHly7kNfrNq4I
Malware Config
Targets
-
-
Target
c6b0d5b9cbd3d7add56c66f78c528ffcb503b4c97b480fb8716de25df1087b62
-
Size
2.5MB
-
MD5
9e0ec9f4bf3944a5866244c1044fbb43
-
SHA1
a36f1eb0260df33db182dace8179e81dba8f687c
-
SHA256
c6b0d5b9cbd3d7add56c66f78c528ffcb503b4c97b480fb8716de25df1087b62
-
SHA512
61141b96988cf194c265162a70a3e921871fbc508049eac0a08b9c52dd415f1effefa777dbc8bf24c326bf11f411f3ee7b8c83f2e02970a4a716c26f7ee86af5
-
SSDEEP
49152:h1OsTCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkI:h1OHly7kNfrNq4I
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-