General
-
Target
c3a5449633218037defa91d2e436f3dfad7d822a749efe3f3c6c49d06d169005
-
Size
2.5MB
-
Sample
221124-yclcbsed66
-
MD5
e8dd46c620c0fdf22cc6648a569cf302
-
SHA1
ecf6478240ffb413375113d95d16bb9132b04157
-
SHA256
c3a5449633218037defa91d2e436f3dfad7d822a749efe3f3c6c49d06d169005
-
SHA512
bc2db41b620008b0634aa54316c0cfd1e852bb38a597bbdc884667b8e796272f17770f95dd3db0bfeeb693317d18d8272830875d127713d35b37620c43302746
-
SSDEEP
49152:h1OsBCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bk3:h1OZly7kNfrNq43
Malware Config
Targets
-
-
Target
c3a5449633218037defa91d2e436f3dfad7d822a749efe3f3c6c49d06d169005
-
Size
2.5MB
-
MD5
e8dd46c620c0fdf22cc6648a569cf302
-
SHA1
ecf6478240ffb413375113d95d16bb9132b04157
-
SHA256
c3a5449633218037defa91d2e436f3dfad7d822a749efe3f3c6c49d06d169005
-
SHA512
bc2db41b620008b0634aa54316c0cfd1e852bb38a597bbdc884667b8e796272f17770f95dd3db0bfeeb693317d18d8272830875d127713d35b37620c43302746
-
SSDEEP
49152:h1OsBCpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bk3:h1OZly7kNfrNq43
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-