General
-
Target
c9e1c5852fd638b4d435c3db617fb5c08575bf4eb191d5f0c91f1a1026ab15ab
-
Size
2.5MB
-
Sample
221124-xzrxysgf9v
-
MD5
5ee124252f67871e50699fc79088731c
-
SHA1
35cefa1daad9a8018eb6a28c2f49b0c81bdd413a
-
SHA256
c9e1c5852fd638b4d435c3db617fb5c08575bf4eb191d5f0c91f1a1026ab15ab
-
SHA512
9d2340043dfe72fdb51d90870de82ac44737ef5329220be56e003324ee40a9cd03a649e656e78d60e46b033e01381b9b6670ed6d23d37f450e8e166219fc4d23
-
SSDEEP
49152:h1OsbsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwP:h1OiH0eNGunkt3+1z3p6iVCM
Malware Config
Targets
-
-
Target
c9e1c5852fd638b4d435c3db617fb5c08575bf4eb191d5f0c91f1a1026ab15ab
-
Size
2.5MB
-
MD5
5ee124252f67871e50699fc79088731c
-
SHA1
35cefa1daad9a8018eb6a28c2f49b0c81bdd413a
-
SHA256
c9e1c5852fd638b4d435c3db617fb5c08575bf4eb191d5f0c91f1a1026ab15ab
-
SHA512
9d2340043dfe72fdb51d90870de82ac44737ef5329220be56e003324ee40a9cd03a649e656e78d60e46b033e01381b9b6670ed6d23d37f450e8e166219fc4d23
-
SSDEEP
49152:h1OsbsNQH0eNGTTOxTnkSM1XN+QMz3p6bOkAk+YetEW6FOCMwEFhjzdUwP:h1OiH0eNGunkt3+1z3p6iVCM
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-