General
-
Target
cf2bb9ffb315d914dbf9ac5570a59d4378d875ec56fb29fef550b5664a6fb111
-
Size
2.5MB
-
Sample
221124-xndwysga8v
-
MD5
31fbf8b89ac81155cce4ce995e4db8f0
-
SHA1
290e75beb35d7b1a87907aae0274e0131d467c89
-
SHA256
cf2bb9ffb315d914dbf9ac5570a59d4378d875ec56fb29fef550b5664a6fb111
-
SHA512
3f70baea90d86c195b188924385cd98d8b15e7e0a70c06e2b6faba2a8451e284207d643c14fd2b5bae855d75216e273b06c20fd17d2818c97ef5ce785b0e4640
-
SSDEEP
49152:h1Os6CpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkX:h1OCly7kNfrNq4X
Malware Config
Targets
-
-
Target
cf2bb9ffb315d914dbf9ac5570a59d4378d875ec56fb29fef550b5664a6fb111
-
Size
2.5MB
-
MD5
31fbf8b89ac81155cce4ce995e4db8f0
-
SHA1
290e75beb35d7b1a87907aae0274e0131d467c89
-
SHA256
cf2bb9ffb315d914dbf9ac5570a59d4378d875ec56fb29fef550b5664a6fb111
-
SHA512
3f70baea90d86c195b188924385cd98d8b15e7e0a70c06e2b6faba2a8451e284207d643c14fd2b5bae855d75216e273b06c20fd17d2818c97ef5ce785b0e4640
-
SSDEEP
49152:h1Os6CpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkX:h1OCly7kNfrNq4X
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-