General
-
Target
495c6e69b1255e117f77baa31f7f140cb0df36ef59a228e5807a87ad714dd066
-
Size
4.2MB
-
Sample
221125-cd1bzsdd88
-
MD5
4259ec407cf46379f113934bf6ea7ce1
-
SHA1
118b7139121754fb78e5fa7703745d0f6cb5500c
-
SHA256
495c6e69b1255e117f77baa31f7f140cb0df36ef59a228e5807a87ad714dd066
-
SHA512
c8f8dcf97de059ef74c977b9c518c265f9b927e74db5eab72786e3ba244b390985ebe0b6bbb446a2705fd28d2e418bd20d613a6c45b4dd1b266fcc7409eff751
-
SSDEEP
49152:8xam6jkbt3kGtj85wA0w3+rnfwZU5Bcumt9Q+G0ytVHuwwWO3ATPb5nl:8QmPGGi5+ul4HulWOwbV
Malware Config
Targets
-
-
Target
495c6e69b1255e117f77baa31f7f140cb0df36ef59a228e5807a87ad714dd066
-
Size
4.2MB
-
MD5
4259ec407cf46379f113934bf6ea7ce1
-
SHA1
118b7139121754fb78e5fa7703745d0f6cb5500c
-
SHA256
495c6e69b1255e117f77baa31f7f140cb0df36ef59a228e5807a87ad714dd066
-
SHA512
c8f8dcf97de059ef74c977b9c518c265f9b927e74db5eab72786e3ba244b390985ebe0b6bbb446a2705fd28d2e418bd20d613a6c45b4dd1b266fcc7409eff751
-
SSDEEP
49152:8xam6jkbt3kGtj85wA0w3+rnfwZU5Bcumt9Q+G0ytVHuwwWO3ATPb5nl:8QmPGGi5+ul4HulWOwbV
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-