General
-
Target
c9c3835751c274bdea48ae098026e8476bfdef4b0f34bb2477772093ef38d637
-
Size
2.5MB
-
Sample
221124-xz48aagg2x
-
MD5
61e4e0587b7cfa04581a53c9136b3465
-
SHA1
bf1830d86af35779a4ec0de75d4156c715240072
-
SHA256
c9c3835751c274bdea48ae098026e8476bfdef4b0f34bb2477772093ef38d637
-
SHA512
e8fb4245498e2fbc493c503f0bef6ed0b5d3d71b8725c4514def4b6e81aaa42be488fc055cff2bc507aff206db11286a00860d3284e2edebbb22df319e004e29
-
SSDEEP
49152:h1Os8IPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfrn:h1OrIPtrkvlBCOHgBCj
Malware Config
Targets
-
-
Target
c9c3835751c274bdea48ae098026e8476bfdef4b0f34bb2477772093ef38d637
-
Size
2.5MB
-
MD5
61e4e0587b7cfa04581a53c9136b3465
-
SHA1
bf1830d86af35779a4ec0de75d4156c715240072
-
SHA256
c9c3835751c274bdea48ae098026e8476bfdef4b0f34bb2477772093ef38d637
-
SHA512
e8fb4245498e2fbc493c503f0bef6ed0b5d3d71b8725c4514def4b6e81aaa42be488fc055cff2bc507aff206db11286a00860d3284e2edebbb22df319e004e29
-
SSDEEP
49152:h1Os8IPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfrn:h1OrIPtrkvlBCOHgBCj
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-