General
-
Target
15c03db8ba69a7f0d0d6ae6cab036dc6f5ec0ece5029742c8d1e64effc280402
-
Size
2.0MB
-
Sample
221127-hpbewsgb74
-
MD5
9e59b60f76830d7ae3c4ecf37f1e206b
-
SHA1
4309891de0603a73e060992e0680de88c6c50dd6
-
SHA256
15c03db8ba69a7f0d0d6ae6cab036dc6f5ec0ece5029742c8d1e64effc280402
-
SHA512
4b25da6c229047f27cbe58db6b1c9c280b746c3da48b1bc0d1d481da2a5a212ae57aaf4dcd8e84f3072c0941d4ba603f9b7f59fb419a2231573e25e15949e157
-
SSDEEP
49152:h1OsyNQToNVxbNrInKtDSwSm7CXH9e7B6cr7J30Ct40pT6:h1OfNQUNVxNpSmGXMvxdt+
Malware Config
Targets
-
-
Target
15c03db8ba69a7f0d0d6ae6cab036dc6f5ec0ece5029742c8d1e64effc280402
-
Size
2.0MB
-
MD5
9e59b60f76830d7ae3c4ecf37f1e206b
-
SHA1
4309891de0603a73e060992e0680de88c6c50dd6
-
SHA256
15c03db8ba69a7f0d0d6ae6cab036dc6f5ec0ece5029742c8d1e64effc280402
-
SHA512
4b25da6c229047f27cbe58db6b1c9c280b746c3da48b1bc0d1d481da2a5a212ae57aaf4dcd8e84f3072c0941d4ba603f9b7f59fb419a2231573e25e15949e157
-
SSDEEP
49152:h1OsyNQToNVxbNrInKtDSwSm7CXH9e7B6cr7J30Ct40pT6:h1OfNQUNVxNpSmGXMvxdt+
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-