General
-
Target
859f967f96801d474e1b0142bb401eae08b448615602561fe4d7b80a05415f8b
-
Size
4.3MB
-
Sample
221125-jdfqxaef7z
-
MD5
877b368465133ddaa12a34f541baf587
-
SHA1
43d6e2e4b168fb239d2e6e2f45d77811dca79baf
-
SHA256
859f967f96801d474e1b0142bb401eae08b448615602561fe4d7b80a05415f8b
-
SHA512
004496029d9a19a18cbc77a234b3cf9568c47b03f46605b55ec68e996bb8d33d7a5079e2021a6a5e7a2adcd6e57384b69891c1f6a1f3bb4dc8a5af3868629d5c
-
SSDEEP
98304:U8ndzGOKPwFZ0EHw6bcsf1gTvPGyxdjtY17RvdkQNPxpnBmgrJ6sMTKFI4Rr+i3y:UVpPwFZH9bcsfSWn
Malware Config
Targets
-
-
Target
859f967f96801d474e1b0142bb401eae08b448615602561fe4d7b80a05415f8b
-
Size
4.3MB
-
MD5
877b368465133ddaa12a34f541baf587
-
SHA1
43d6e2e4b168fb239d2e6e2f45d77811dca79baf
-
SHA256
859f967f96801d474e1b0142bb401eae08b448615602561fe4d7b80a05415f8b
-
SHA512
004496029d9a19a18cbc77a234b3cf9568c47b03f46605b55ec68e996bb8d33d7a5079e2021a6a5e7a2adcd6e57384b69891c1f6a1f3bb4dc8a5af3868629d5c
-
SSDEEP
98304:U8ndzGOKPwFZ0EHw6bcsf1gTvPGyxdjtY17RvdkQNPxpnBmgrJ6sMTKFI4Rr+i3y:UVpPwFZH9bcsfSWn
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-