General
-
Target
c31fe6f0396a1636b076e7378c86ff5a4e2980b6ccfd5b22b8f28d8d2dd7cae7
-
Size
2.5MB
-
Sample
221124-ydzakshf2y
-
MD5
cbfc1a6881dfff36984851a68a74b949
-
SHA1
bfe6c876c82ab3ddbe6ba5b0d5d04b982d396d30
-
SHA256
c31fe6f0396a1636b076e7378c86ff5a4e2980b6ccfd5b22b8f28d8d2dd7cae7
-
SHA512
e3b56b00e5f8ee22b23b8863f5e136d76b96ab385b21aa7268ae6a0b235ad9550ce1b47977f41b0cfb1334e86bd3b69bb6292d9de46d8db6732c56692be4d720
-
SSDEEP
49152:h1Os1AQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8xm:h1OtQzVCwJ/3CRLCrY8R
Malware Config
Targets
-
-
Target
c31fe6f0396a1636b076e7378c86ff5a4e2980b6ccfd5b22b8f28d8d2dd7cae7
-
Size
2.5MB
-
MD5
cbfc1a6881dfff36984851a68a74b949
-
SHA1
bfe6c876c82ab3ddbe6ba5b0d5d04b982d396d30
-
SHA256
c31fe6f0396a1636b076e7378c86ff5a4e2980b6ccfd5b22b8f28d8d2dd7cae7
-
SHA512
e3b56b00e5f8ee22b23b8863f5e136d76b96ab385b21aa7268ae6a0b235ad9550ce1b47977f41b0cfb1334e86bd3b69bb6292d9de46d8db6732c56692be4d720
-
SSDEEP
49152:h1Os1AQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8xm:h1OtQzVCwJ/3CRLCrY8R
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-