General
-
Target
a526fa64ed23715f034803bd545dae804f7ed2d10d333c8f71269b4fe91e89cf
-
Size
2.5MB
-
Sample
221124-z4cpyadd6y
-
MD5
b71aece504ee8bcfc7695693c04d9bc8
-
SHA1
1857b73242e19b91e06f679f44dff92755a515f1
-
SHA256
a526fa64ed23715f034803bd545dae804f7ed2d10d333c8f71269b4fe91e89cf
-
SHA512
d8421a2495d24c4dd1dc64d22cf45c40fea2794bb4e98d1cb85f80f6daf57a00b53aaa784c71706ced2b782aba02b47d229da270937dbc466f4775a7978bebfd
-
SSDEEP
49152:h1OsZsbT5tEwd8c494ibL92Ff05SZ570tzKqZFsa:h1OWs35bBML92c
Malware Config
Targets
-
-
Target
a526fa64ed23715f034803bd545dae804f7ed2d10d333c8f71269b4fe91e89cf
-
Size
2.5MB
-
MD5
b71aece504ee8bcfc7695693c04d9bc8
-
SHA1
1857b73242e19b91e06f679f44dff92755a515f1
-
SHA256
a526fa64ed23715f034803bd545dae804f7ed2d10d333c8f71269b4fe91e89cf
-
SHA512
d8421a2495d24c4dd1dc64d22cf45c40fea2794bb4e98d1cb85f80f6daf57a00b53aaa784c71706ced2b782aba02b47d229da270937dbc466f4775a7978bebfd
-
SSDEEP
49152:h1OsZsbT5tEwd8c494ibL92Ff05SZ570tzKqZFsa:h1OWs35bBML92c
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-