General
-
Target
cf0b69e92e81598cd18324826bac7c81e3e0d4628dadd3b4a319bf3684684df9
-
Size
2.5MB
-
Sample
221124-xnv58sgb2v
-
MD5
bcf20538091ad90b5bb2cdb8ca11edc2
-
SHA1
889ab671b6ce642a4a7c83d5d5e8f06541e7b245
-
SHA256
cf0b69e92e81598cd18324826bac7c81e3e0d4628dadd3b4a319bf3684684df9
-
SHA512
47b081580d7a0aab660823c278b00c0880cce6f0badf14aec24d6f0bcd3d258587eccd48ce37fa806a0c6d56dbbeb4ea4d9b3c6ac751b6b87f3afcf95aa1073a
-
SSDEEP
49152:h1OsVSQeb71DLvFzAqRmyyVchO4apKHcHhXa3FXWlPC1IS5zf:h1OQSQY1DCqkck4apyLqE
Malware Config
Targets
-
-
Target
cf0b69e92e81598cd18324826bac7c81e3e0d4628dadd3b4a319bf3684684df9
-
Size
2.5MB
-
MD5
bcf20538091ad90b5bb2cdb8ca11edc2
-
SHA1
889ab671b6ce642a4a7c83d5d5e8f06541e7b245
-
SHA256
cf0b69e92e81598cd18324826bac7c81e3e0d4628dadd3b4a319bf3684684df9
-
SHA512
47b081580d7a0aab660823c278b00c0880cce6f0badf14aec24d6f0bcd3d258587eccd48ce37fa806a0c6d56dbbeb4ea4d9b3c6ac751b6b87f3afcf95aa1073a
-
SSDEEP
49152:h1OsVSQeb71DLvFzAqRmyyVchO4apKHcHhXa3FXWlPC1IS5zf:h1OQSQY1DCqkck4apyLqE
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-