General
-
Target
ce8c2c01e92bdbbf72772ec887f1024c83fd13a2e9ed36a33ccc12c7f7770048
-
Size
2.5MB
-
Sample
221124-xpvabsda33
-
MD5
04e1ffc1e76524f077670bbad86c16a8
-
SHA1
45caa79d09f4e12959adee8bb9b416a52439667f
-
SHA256
ce8c2c01e92bdbbf72772ec887f1024c83fd13a2e9ed36a33ccc12c7f7770048
-
SHA512
90312a5ea94dedb16983e9d78c97545eb6b53b0e80de7b9403b92885154f0f89df92a2b97e748bca1cd1becfbfc173b36ab375ec5e0d0a7a7dcc4a8a085ad707
-
SSDEEP
49152:h1Os9Uc3R1YQeb1bR9qMS3te/+E+kzkeRutdQ3L3V/A9Ve4:h1OCbRsTWe/ZS
Malware Config
Targets
-
-
Target
ce8c2c01e92bdbbf72772ec887f1024c83fd13a2e9ed36a33ccc12c7f7770048
-
Size
2.5MB
-
MD5
04e1ffc1e76524f077670bbad86c16a8
-
SHA1
45caa79d09f4e12959adee8bb9b416a52439667f
-
SHA256
ce8c2c01e92bdbbf72772ec887f1024c83fd13a2e9ed36a33ccc12c7f7770048
-
SHA512
90312a5ea94dedb16983e9d78c97545eb6b53b0e80de7b9403b92885154f0f89df92a2b97e748bca1cd1becfbfc173b36ab375ec5e0d0a7a7dcc4a8a085ad707
-
SSDEEP
49152:h1Os9Uc3R1YQeb1bR9qMS3te/+E+kzkeRutdQ3L3V/A9Ve4:h1OCbRsTWe/ZS
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-