General
-
Target
512e4cba97bb4ebd569ad8bfd99f141d1b1fde60c36d89a05acfc78256a4ca9f
-
Size
2.5MB
-
Sample
221125-b1lxfaff4t
-
MD5
3d18378c6ac9668489cc8e3305006b12
-
SHA1
6427a9fec408a0d4a925c6828d5a7b35005ac794
-
SHA256
512e4cba97bb4ebd569ad8bfd99f141d1b1fde60c36d89a05acfc78256a4ca9f
-
SHA512
e11d0b1915f9ac8087274fcf63d38f4ab803c4d8ec5f84575a7fd8479d5277f47f771983372bf3c27354d36b094ddeeb1628f22e1669ccb5b830e2a68fe43506
-
SSDEEP
49152:h1OsYIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfr+:h1OrIPtrkvlBCOHgBCS
Malware Config
Targets
-
-
Target
512e4cba97bb4ebd569ad8bfd99f141d1b1fde60c36d89a05acfc78256a4ca9f
-
Size
2.5MB
-
MD5
3d18378c6ac9668489cc8e3305006b12
-
SHA1
6427a9fec408a0d4a925c6828d5a7b35005ac794
-
SHA256
512e4cba97bb4ebd569ad8bfd99f141d1b1fde60c36d89a05acfc78256a4ca9f
-
SHA512
e11d0b1915f9ac8087274fcf63d38f4ab803c4d8ec5f84575a7fd8479d5277f47f771983372bf3c27354d36b094ddeeb1628f22e1669ccb5b830e2a68fe43506
-
SSDEEP
49152:h1OsYIPtchP5IawtcvlV3COH8qA0OOMC1gqEaejGfr+:h1OrIPtrkvlBCOHgBCS
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-