General
-
Target
c13b18cbb83b667987c737341a3c6cf632a44415f2bf4fac7e27288ea7e1c4cc
-
Size
2.5MB
-
Sample
221124-yg3r6sef98
-
MD5
ada6807a43e043df7fec76a2bbcdc54e
-
SHA1
11763f0cf8ea6ca268a9e95c65d2543d4aa55b64
-
SHA256
c13b18cbb83b667987c737341a3c6cf632a44415f2bf4fac7e27288ea7e1c4cc
-
SHA512
e51eb143fa366758ed47a1e7b5d55788c5dbe9d3860dcb4ca228c9de626070d53b2440afb4f652e7bb0cf1fe18b82fbee6b06cc2740678522d67c6d1819a717a
-
SSDEEP
49152:h1OspjtPNg3MaK+715e2Yl8Wd7dZcRGzPbXO2mg6P1Ql5PPLKMRnUDO:h1OQjVNI71i86pZbz55PPLKMRUa
Malware Config
Targets
-
-
Target
c13b18cbb83b667987c737341a3c6cf632a44415f2bf4fac7e27288ea7e1c4cc
-
Size
2.5MB
-
MD5
ada6807a43e043df7fec76a2bbcdc54e
-
SHA1
11763f0cf8ea6ca268a9e95c65d2543d4aa55b64
-
SHA256
c13b18cbb83b667987c737341a3c6cf632a44415f2bf4fac7e27288ea7e1c4cc
-
SHA512
e51eb143fa366758ed47a1e7b5d55788c5dbe9d3860dcb4ca228c9de626070d53b2440afb4f652e7bb0cf1fe18b82fbee6b06cc2740678522d67c6d1819a717a
-
SSDEEP
49152:h1OspjtPNg3MaK+715e2Yl8Wd7dZcRGzPbXO2mg6P1Ql5PPLKMRnUDO:h1OQjVNI71i86pZbz55PPLKMRUa
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-