General
-
Target
ca86fb1b95f23204f9090a21648a170f80edf64a5b2882ffa31dd7bf2325f74b
-
Size
2.5MB
-
Sample
221124-xyldsade65
-
MD5
dbd418fbff74dcffb93c455819ac0aa4
-
SHA1
4456e4ce09914ff64fa7c973855d315cacb9dd15
-
SHA256
ca86fb1b95f23204f9090a21648a170f80edf64a5b2882ffa31dd7bf2325f74b
-
SHA512
9a20e20306267e95af19e2d1200136e7a3465c7550eb92842841d6928cd2d94749ba4378ba7547fc50d3544ba6720526daff324a46497a1283722d197d5baf3a
-
SSDEEP
49152:h1OspZtE/e06bzN8IPMA3u3uenuu0X6vA3rYAqXz0+gmTyCAM:h1OACezbzNve3ueE+p
Malware Config
Targets
-
-
Target
ca86fb1b95f23204f9090a21648a170f80edf64a5b2882ffa31dd7bf2325f74b
-
Size
2.5MB
-
MD5
dbd418fbff74dcffb93c455819ac0aa4
-
SHA1
4456e4ce09914ff64fa7c973855d315cacb9dd15
-
SHA256
ca86fb1b95f23204f9090a21648a170f80edf64a5b2882ffa31dd7bf2325f74b
-
SHA512
9a20e20306267e95af19e2d1200136e7a3465c7550eb92842841d6928cd2d94749ba4378ba7547fc50d3544ba6720526daff324a46497a1283722d197d5baf3a
-
SSDEEP
49152:h1OspZtE/e06bzN8IPMA3u3uenuu0X6vA3rYAqXz0+gmTyCAM:h1OACezbzNve3ueE+p
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-