General
-
Target
c00a4c2d8fd6f0144a1e4b983e6b4d2457593254e47892c0fbdf1fb483e7b3ff
-
Size
2.5MB
-
Sample
221124-ykbg4aeh39
-
MD5
c247c16ad89ef1139ace3708bb4cc1fb
-
SHA1
63e7badbe281f1993d18d331dce65946ccd8a288
-
SHA256
c00a4c2d8fd6f0144a1e4b983e6b4d2457593254e47892c0fbdf1fb483e7b3ff
-
SHA512
a0b9a3baad13b266e7f179361c1e68d562d0e01e265e0a677ed37df80a28a1a7dbbd2f1aa060d151483289217453a7f9313c1af3fe0501be73a93278bdcf7611
-
SSDEEP
49152:h1Os8CpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkX:h1Oely7kNfrNq4X
Malware Config
Targets
-
-
Target
c00a4c2d8fd6f0144a1e4b983e6b4d2457593254e47892c0fbdf1fb483e7b3ff
-
Size
2.5MB
-
MD5
c247c16ad89ef1139ace3708bb4cc1fb
-
SHA1
63e7badbe281f1993d18d331dce65946ccd8a288
-
SHA256
c00a4c2d8fd6f0144a1e4b983e6b4d2457593254e47892c0fbdf1fb483e7b3ff
-
SHA512
a0b9a3baad13b266e7f179361c1e68d562d0e01e265e0a677ed37df80a28a1a7dbbd2f1aa060d151483289217453a7f9313c1af3fe0501be73a93278bdcf7611
-
SSDEEP
49152:h1Os8CpYO/dJJDHhs6oxRkNfehWfNs4VGufZ9JODSTz4bkX:h1Oely7kNfrNq4X
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-