General
-
Target
483da6729b8187e1e8b3348049d0947c949a51b67ac0e9dbd883d35671777e0b
-
Size
3.5MB
-
Sample
221125-cfwftage8s
-
MD5
3f9ba51bc38aa10851f0e9c38278ab6f
-
SHA1
cb4c4a5c0f63fc13dafdbf8d195c3dedd3fd2854
-
SHA256
483da6729b8187e1e8b3348049d0947c949a51b67ac0e9dbd883d35671777e0b
-
SHA512
2a68e2550ae494ab35c60b2848e5732a16cb7b0aa5c335c8596bc8be71e4372db608fceb126b8ea0bab79b3be1944ad7cc7f85604d6db7244d2090fc4bb3c754
-
SSDEEP
98304:NxsG2XEqY3veKmr1U+yoyGaCR0mWJ+bgZs9DQ44s0:NWhRUfCR0mWJsghs
Malware Config
Targets
-
-
Target
483da6729b8187e1e8b3348049d0947c949a51b67ac0e9dbd883d35671777e0b
-
Size
3.5MB
-
MD5
3f9ba51bc38aa10851f0e9c38278ab6f
-
SHA1
cb4c4a5c0f63fc13dafdbf8d195c3dedd3fd2854
-
SHA256
483da6729b8187e1e8b3348049d0947c949a51b67ac0e9dbd883d35671777e0b
-
SHA512
2a68e2550ae494ab35c60b2848e5732a16cb7b0aa5c335c8596bc8be71e4372db608fceb126b8ea0bab79b3be1944ad7cc7f85604d6db7244d2090fc4bb3c754
-
SSDEEP
98304:NxsG2XEqY3veKmr1U+yoyGaCR0mWJ+bgZs9DQ44s0:NWhRUfCR0mWJsghs
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-