General
-
Target
a809055e08efc7172d3877061c4879fa7cae34601056945e97de790f1e0a3e57
-
Size
2.1MB
-
Sample
221125-rcplescf82
-
MD5
913e7fef76a5196e334c926745aba7eb
-
SHA1
23da78be534fa19abedb087722f1989769e744cd
-
SHA256
a809055e08efc7172d3877061c4879fa7cae34601056945e97de790f1e0a3e57
-
SHA512
0bef407c2ad010d2a1e58b6247fbe49b62f9b7471fcb13db0f48d536aab3cb1bc83fdf91c501bd29f2e1969009c4737650aae28393456b6d8df4ecd5034b0fe7
-
SSDEEP
49152:h1OswhvaZG1MVEtzijkTvu2x/uw4B8FHFF6X:h1OdvaxMziy3K
Malware Config
Targets
-
-
Target
a809055e08efc7172d3877061c4879fa7cae34601056945e97de790f1e0a3e57
-
Size
2.1MB
-
MD5
913e7fef76a5196e334c926745aba7eb
-
SHA1
23da78be534fa19abedb087722f1989769e744cd
-
SHA256
a809055e08efc7172d3877061c4879fa7cae34601056945e97de790f1e0a3e57
-
SHA512
0bef407c2ad010d2a1e58b6247fbe49b62f9b7471fcb13db0f48d536aab3cb1bc83fdf91c501bd29f2e1969009c4737650aae28393456b6d8df4ecd5034b0fe7
-
SSDEEP
49152:h1OswhvaZG1MVEtzijkTvu2x/uw4B8FHFF6X:h1OdvaxMziy3K
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-