General
-
Target
c14fb8d9686d73790e299325d1d5291c836825cf000b78f65a40dd35d596ad52
-
Size
2.5MB
-
Sample
221124-ygx7paef87
-
MD5
45b677dbb59d10f253342e6e33fd9c0c
-
SHA1
db8c85d789c1f0399b6f422b74248dec082cedb1
-
SHA256
c14fb8d9686d73790e299325d1d5291c836825cf000b78f65a40dd35d596ad52
-
SHA512
b04674d8a682a7207399db3ad997695ba90f74cfb083e05060a5bce5fbb6324c944b9fc2cde1136f472779f471924302a3509e9c56d4d6a8c5831d991ce216c9
-
SSDEEP
49152:h1OsePHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Hy:h1O7HVl71RnFXINxvL
Malware Config
Targets
-
-
Target
c14fb8d9686d73790e299325d1d5291c836825cf000b78f65a40dd35d596ad52
-
Size
2.5MB
-
MD5
45b677dbb59d10f253342e6e33fd9c0c
-
SHA1
db8c85d789c1f0399b6f422b74248dec082cedb1
-
SHA256
c14fb8d9686d73790e299325d1d5291c836825cf000b78f65a40dd35d596ad52
-
SHA512
b04674d8a682a7207399db3ad997695ba90f74cfb083e05060a5bce5fbb6324c944b9fc2cde1136f472779f471924302a3509e9c56d4d6a8c5831d991ce216c9
-
SSDEEP
49152:h1OsePHVmVhYwiLtKkKyW4nFU0I+NP/f7I3lMOaYjdxvL0Hy:h1O7HVl71RnFXINxvL
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-