General
-
Target
ce338f02bea5de0df06483fcad6f3cd6f80877de604fa2638ced9b2bb6ff8a23
-
Size
2.1MB
-
Sample
221125-hvgh4ahg76
-
MD5
f22da2e3d565b504d5d061ddf70cc300
-
SHA1
28cc783dd0e42025ee3759324487b26d85e448fd
-
SHA256
ce338f02bea5de0df06483fcad6f3cd6f80877de604fa2638ced9b2bb6ff8a23
-
SHA512
a75eae890a2003a5b26ec91874ff9f2453ee66e0907023f0ceaaa3f079737cc115a9a9c6d6ff47e27b14e785e657855c70811ffe8a40cbfcffacf6c387f4c3e0
-
SSDEEP
49152:A9GIdQGguq8Y7VUn4mZs4PE6PSW8ZqowN3:AyFT7Vw9Ku6/ZqowN3
Malware Config
Targets
-
-
Target
ce338f02bea5de0df06483fcad6f3cd6f80877de604fa2638ced9b2bb6ff8a23
-
Size
2.1MB
-
MD5
f22da2e3d565b504d5d061ddf70cc300
-
SHA1
28cc783dd0e42025ee3759324487b26d85e448fd
-
SHA256
ce338f02bea5de0df06483fcad6f3cd6f80877de604fa2638ced9b2bb6ff8a23
-
SHA512
a75eae890a2003a5b26ec91874ff9f2453ee66e0907023f0ceaaa3f079737cc115a9a9c6d6ff47e27b14e785e657855c70811ffe8a40cbfcffacf6c387f4c3e0
-
SSDEEP
49152:A9GIdQGguq8Y7VUn4mZs4PE6PSW8ZqowN3:AyFT7Vw9Ku6/ZqowN3
Score8/10-
Executes dropped EXE
-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-