General
-
Target
aa2c4b678d0f042bebaa8c5e174bdbbf30d52ad3dc8e364fdafe1a6883971607
-
Size
2.5MB
-
Sample
221124-zth4zahg22
-
MD5
d4c27fb54ccf8504ac729f72eaa28148
-
SHA1
4b2781cb4904a53eccc39a5e8bf5bbd8340f61d6
-
SHA256
aa2c4b678d0f042bebaa8c5e174bdbbf30d52ad3dc8e364fdafe1a6883971607
-
SHA512
9409866e879bb5d172f696bdbef8860ca5895a4e47769cac692c78a73ac0edddc75fe108761c446da9f6d296a4df245da28a79603c4bd68dc52ad900af54ac65
-
SSDEEP
49152:h1OsSIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfru:h1OTIPtrkvlBCOHgBC6
Malware Config
Targets
-
-
Target
aa2c4b678d0f042bebaa8c5e174bdbbf30d52ad3dc8e364fdafe1a6883971607
-
Size
2.5MB
-
MD5
d4c27fb54ccf8504ac729f72eaa28148
-
SHA1
4b2781cb4904a53eccc39a5e8bf5bbd8340f61d6
-
SHA256
aa2c4b678d0f042bebaa8c5e174bdbbf30d52ad3dc8e364fdafe1a6883971607
-
SHA512
9409866e879bb5d172f696bdbef8860ca5895a4e47769cac692c78a73ac0edddc75fe108761c446da9f6d296a4df245da28a79603c4bd68dc52ad900af54ac65
-
SSDEEP
49152:h1OsSIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfru:h1OTIPtrkvlBCOHgBC6
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-