General
-
Target
c0e9b1e73659ff70fa761cf11f9a406d9882ac2d85ea5cd888312bc6b06ec035
-
Size
2.5MB
-
Sample
221124-yherqshh2s
-
MD5
c4e23c82ad366f998dcd192cb38c054e
-
SHA1
8da7244b75c4f8f50e691832d91f10a56e2344a1
-
SHA256
c0e9b1e73659ff70fa761cf11f9a406d9882ac2d85ea5cd888312bc6b06ec035
-
SHA512
49055b204668359266da4b028d1a7ffcd2fa36e65fd24bd9379f855843d76f4ce6c7fb5261ec62811433843f7be5cf2e85ee55877467dcf09b00dbc7bb89e886
-
SSDEEP
49152:h1OsLAQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8xd:h1O3QzVCwJ/3CRLCrY8+
Malware Config
Targets
-
-
Target
c0e9b1e73659ff70fa761cf11f9a406d9882ac2d85ea5cd888312bc6b06ec035
-
Size
2.5MB
-
MD5
c4e23c82ad366f998dcd192cb38c054e
-
SHA1
8da7244b75c4f8f50e691832d91f10a56e2344a1
-
SHA256
c0e9b1e73659ff70fa761cf11f9a406d9882ac2d85ea5cd888312bc6b06ec035
-
SHA512
49055b204668359266da4b028d1a7ffcd2fa36e65fd24bd9379f855843d76f4ce6c7fb5261ec62811433843f7be5cf2e85ee55877467dcf09b00dbc7bb89e886
-
SSDEEP
49152:h1OsLAQ+1ho2H8swSCCwwFB9nfFVDRBTY/3X5wRLCr56JK8xd:h1O3QzVCwJ/3CRLCrY8+
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-