General
-
Target
28c46317ccfd356e44bca7d82ce9dd46e4a2507b0b75b003f93e88e1fe7230cc
-
Size
3.0MB
-
Sample
221125-j2yavsch82
-
MD5
1606e84959475fcd8a5cc60dcb1612b4
-
SHA1
1da778c1715525e85e80e7fec70f2771339aef9d
-
SHA256
28c46317ccfd356e44bca7d82ce9dd46e4a2507b0b75b003f93e88e1fe7230cc
-
SHA512
2953b86d5473d59bff6bdce0343083c96e81a42515c8246be8351aafda5eddaf2a1f83a8c90b16aeca31d0cdf2c6c3fdfb2edc43a1b9790388f3414b939d2a5c
-
SSDEEP
49152:7l+a1UdHZG7n0pp10VvlEw13EQ23PT/Vl9+NafBOBrIavcQ:xiuwX1SVCrNsBrI
Malware Config
Targets
-
-
Target
28c46317ccfd356e44bca7d82ce9dd46e4a2507b0b75b003f93e88e1fe7230cc
-
Size
3.0MB
-
MD5
1606e84959475fcd8a5cc60dcb1612b4
-
SHA1
1da778c1715525e85e80e7fec70f2771339aef9d
-
SHA256
28c46317ccfd356e44bca7d82ce9dd46e4a2507b0b75b003f93e88e1fe7230cc
-
SHA512
2953b86d5473d59bff6bdce0343083c96e81a42515c8246be8351aafda5eddaf2a1f83a8c90b16aeca31d0cdf2c6c3fdfb2edc43a1b9790388f3414b939d2a5c
-
SSDEEP
49152:7l+a1UdHZG7n0pp10VvlEw13EQ23PT/Vl9+NafBOBrIavcQ:xiuwX1SVCrNsBrI
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-