General
-
Target
c4d63caf3e972b0af7ff0d84830cd817916d4f9bed761cae6ceec3197e3ace91
-
Size
2.5MB
-
Sample
221124-x98y8aec37
-
MD5
b12ddc024c63c03511534d1a885cba44
-
SHA1
a8d49820d20d2ceb434e5d8ca82e8b55941989b5
-
SHA256
c4d63caf3e972b0af7ff0d84830cd817916d4f9bed761cae6ceec3197e3ace91
-
SHA512
a4d2d9113851624093a8c1cc15f7a0e051c16c5578a3c335c0cbe260ef4e1821689b45887474c1a48d4be977fa74b7f7ee14f4ffc9e6c34799138e203549a5cd
-
SSDEEP
49152:h1Os6dKF7UldNUwSMQRcXL3Bp9y14pkO/MPQpVPaytn5hbdTfg:h1OxQc/PXVp9yqIodg
Malware Config
Targets
-
-
Target
c4d63caf3e972b0af7ff0d84830cd817916d4f9bed761cae6ceec3197e3ace91
-
Size
2.5MB
-
MD5
b12ddc024c63c03511534d1a885cba44
-
SHA1
a8d49820d20d2ceb434e5d8ca82e8b55941989b5
-
SHA256
c4d63caf3e972b0af7ff0d84830cd817916d4f9bed761cae6ceec3197e3ace91
-
SHA512
a4d2d9113851624093a8c1cc15f7a0e051c16c5578a3c335c0cbe260ef4e1821689b45887474c1a48d4be977fa74b7f7ee14f4ffc9e6c34799138e203549a5cd
-
SSDEEP
49152:h1Os6dKF7UldNUwSMQRcXL3Bp9y14pkO/MPQpVPaytn5hbdTfg:h1OxQc/PXVp9yqIodg
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-