General
-
Target
c9e7ea8e59b6493279b9749b1dd2c9c850ad41f4f364d51a2c31ae7127f5944e
-
Size
2.5MB
-
Sample
221124-xzn63adf28
-
MD5
5b2575b8762141ae1a16f7b1247b1c84
-
SHA1
122d9d06ab90305157a5673c9d785d62ad28987b
-
SHA256
c9e7ea8e59b6493279b9749b1dd2c9c850ad41f4f364d51a2c31ae7127f5944e
-
SHA512
fa052b99568c49ee22725379424f0dfb282d6580ef3aceac6b489db302e073f9eabca64262508053bf455e4bf60d058778c94ce7cff885820073f9c3cb51ffb3
-
SSDEEP
49152:h1OsIsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwk:h1OHH0eNGunkt3+1z3p6iVCj
Malware Config
Targets
-
-
Target
c9e7ea8e59b6493279b9749b1dd2c9c850ad41f4f364d51a2c31ae7127f5944e
-
Size
2.5MB
-
MD5
5b2575b8762141ae1a16f7b1247b1c84
-
SHA1
122d9d06ab90305157a5673c9d785d62ad28987b
-
SHA256
c9e7ea8e59b6493279b9749b1dd2c9c850ad41f4f364d51a2c31ae7127f5944e
-
SHA512
fa052b99568c49ee22725379424f0dfb282d6580ef3aceac6b489db302e073f9eabca64262508053bf455e4bf60d058778c94ce7cff885820073f9c3cb51ffb3
-
SSDEEP
49152:h1OsIsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwk:h1OHH0eNGunkt3+1z3p6iVCj
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-