General
-
Target
cd9be34a78d6796e1e221ca599f8eb7fc2ef079344af166d6993880d8cd80e6b
-
Size
4.2MB
-
Sample
221124-xrnwbsgc4v
-
MD5
392eb4f6b1bdee5e29975f8acb94ce07
-
SHA1
660b31b9f03b1cef3ce8ad6b5598a8b82e86d334
-
SHA256
cd9be34a78d6796e1e221ca599f8eb7fc2ef079344af166d6993880d8cd80e6b
-
SHA512
96f4a436e29636e25bf1964b0489c03887c98790acbb09670817263b5f2331507b3b646ed16e40b7bbaac678ef611ca21681b3c22cdcf50bfadb54b62402ee9f
-
SSDEEP
49152:lo2ipIZ1YdVemQGdy+dYXt+nnxR9VarazzibdEkoCfdeCyvJ+ZyUReq7TLzWY:q9piYdVemZylXgXhzzibdlwCyEvR3z
Malware Config
Targets
-
-
Target
cd9be34a78d6796e1e221ca599f8eb7fc2ef079344af166d6993880d8cd80e6b
-
Size
4.2MB
-
MD5
392eb4f6b1bdee5e29975f8acb94ce07
-
SHA1
660b31b9f03b1cef3ce8ad6b5598a8b82e86d334
-
SHA256
cd9be34a78d6796e1e221ca599f8eb7fc2ef079344af166d6993880d8cd80e6b
-
SHA512
96f4a436e29636e25bf1964b0489c03887c98790acbb09670817263b5f2331507b3b646ed16e40b7bbaac678ef611ca21681b3c22cdcf50bfadb54b62402ee9f
-
SSDEEP
49152:lo2ipIZ1YdVemQGdy+dYXt+nnxR9VarazzibdEkoCfdeCyvJ+ZyUReq7TLzWY:q9piYdVemZylXgXhzzibdlwCyEvR3z
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-