General
-
Target
c13e6ee591ca46422c29eaffdbf027aae9956504a03bb2477a43173ebc2c00a2
-
Size
2.5MB
-
Sample
221124-yg2vwaef96
-
MD5
6f17e16085b538b5df7ad08332d7e275
-
SHA1
74ea72055ae3d8e139d31fc1a46614d8c07d6e02
-
SHA256
c13e6ee591ca46422c29eaffdbf027aae9956504a03bb2477a43173ebc2c00a2
-
SHA512
daac7ea2c778107adb7be05bd4c0628efa4406ef22d042587dae70eeb6c889e75c5d1f9f1a8e0187e51fce89e4ac8e19964a5e7e67b93565345f911eb6505d4c
-
SSDEEP
49152:h1OsvLcyYizLFAkqkpcfOgZ9m7POsrKFoWDzFDJTViU9YxLQ6XDR:h1O2cWf5qkgOIIKTpiCIR
Malware Config
Targets
-
-
Target
c13e6ee591ca46422c29eaffdbf027aae9956504a03bb2477a43173ebc2c00a2
-
Size
2.5MB
-
MD5
6f17e16085b538b5df7ad08332d7e275
-
SHA1
74ea72055ae3d8e139d31fc1a46614d8c07d6e02
-
SHA256
c13e6ee591ca46422c29eaffdbf027aae9956504a03bb2477a43173ebc2c00a2
-
SHA512
daac7ea2c778107adb7be05bd4c0628efa4406ef22d042587dae70eeb6c889e75c5d1f9f1a8e0187e51fce89e4ac8e19964a5e7e67b93565345f911eb6505d4c
-
SSDEEP
49152:h1OsvLcyYizLFAkqkpcfOgZ9m7POsrKFoWDzFDJTViU9YxLQ6XDR:h1O2cWf5qkgOIIKTpiCIR
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-