General
-
Target
c37ef81df47227fd262d8247fc5607f6e42890f64669c889902105b2e0766dc6
-
Size
2MB
-
Sample
221124-ycwhased79
-
MD5
5a0e9c31a6a64b678faa865c857b606e
-
SHA1
8fc86ba5af74a2631b1eef49d964020e5c360762
-
SHA256
c37ef81df47227fd262d8247fc5607f6e42890f64669c889902105b2e0766dc6
-
SHA512
83442a673b13beba03cbb5d6811edb739060e54dec5434cc39be968bb4345396b32bc6ab3cee45cd97190164ca1bbc74daef53b7348ff82116a68f1f8c88bf8a
-
SSDEEP
49152:h1Os/SQeb71DLvFzAqRmyyVchO4apKHcHhXa3FXWlPC1IS5zZ:h1OkSQY1DCqkck4apyLqi
Malware Config
Targets
-
-
Target
c37ef81df47227fd262d8247fc5607f6e42890f64669c889902105b2e0766dc6
-
Size
2MB
-
MD5
5a0e9c31a6a64b678faa865c857b606e
-
SHA1
8fc86ba5af74a2631b1eef49d964020e5c360762
-
SHA256
c37ef81df47227fd262d8247fc5607f6e42890f64669c889902105b2e0766dc6
-
SHA512
83442a673b13beba03cbb5d6811edb739060e54dec5434cc39be968bb4345396b32bc6ab3cee45cd97190164ca1bbc74daef53b7348ff82116a68f1f8c88bf8a
-
SSDEEP
49152:h1Os/SQeb71DLvFzAqRmyyVchO4apKHcHhXa3FXWlPC1IS5zZ:h1OkSQY1DCqkck4apyLqi
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
MITRE ATT&CK Matrix
Collection
Data from Local System
1Command and Control
Credential Access
Credentials in Files
1Defense Evasion
Modify Registry
1Discovery
Query Registry
1Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Browser Extensions
1Privilege Escalation