General
-
Target
c3a2a5a0ca8586f73b4867ed30c3201ad5d2f7dd4e1e69f4c9a12638f1b50fa2
-
Size
931KB
-
Sample
221124-ycl9maed67
-
MD5
5c70052ed7afaedfd084a8d48a660ba2
-
SHA1
3b784c38e3556d1c0f99d37bf4f2b93fc688638e
-
SHA256
c3a2a5a0ca8586f73b4867ed30c3201ad5d2f7dd4e1e69f4c9a12638f1b50fa2
-
SHA512
f2d3aabd4866ec09e9f2ea9589df48f50e7779cfdc271fbbee7e6032e57a104a89b22e8e8900f3f97b700ff00503864f3e1c244916c766a37ba9039e61c1bafd
-
SSDEEP
24576:h1OYdaOfCZ/iWCvu/2sWsJA/jlt+DHhs8:h1OshCpYO/dJJDHhs8
Malware Config
Targets
-
-
Target
c3a2a5a0ca8586f73b4867ed30c3201ad5d2f7dd4e1e69f4c9a12638f1b50fa2
-
Size
931KB
-
MD5
5c70052ed7afaedfd084a8d48a660ba2
-
SHA1
3b784c38e3556d1c0f99d37bf4f2b93fc688638e
-
SHA256
c3a2a5a0ca8586f73b4867ed30c3201ad5d2f7dd4e1e69f4c9a12638f1b50fa2
-
SHA512
f2d3aabd4866ec09e9f2ea9589df48f50e7779cfdc271fbbee7e6032e57a104a89b22e8e8900f3f97b700ff00503864f3e1c244916c766a37ba9039e61c1bafd
-
SSDEEP
24576:h1OYdaOfCZ/iWCvu/2sWsJA/jlt+DHhs8:h1OshCpYO/dJJDHhs8
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Drops file in System32 directory
-