General
-
Target
415249faf38a84e4b180beafc0818a06fe43cb5a4c2843e37791235bdcd8f5eb
-
Size
4.6MB
-
Sample
221127-tpl26see2v
-
MD5
dfb31f14a706185d829b9ee0b66791d9
-
SHA1
af12e57d25cf6e242e2a0e66f94ae36dac991a61
-
SHA256
415249faf38a84e4b180beafc0818a06fe43cb5a4c2843e37791235bdcd8f5eb
-
SHA512
ad1eadc24676cf56978233298f7dbc84d01f56df687fae90cfe2d615cb2681abcab3852efa9e14e6ff50adde8df3ba931a69c97119516700a0c1291e36a7b6f8
-
SSDEEP
98304:sdhBzl2TVTwymbvw1tf37IGTad+ESjS2Lkyj:sdETVTwymbUsGTfnjB4y
Malware Config
Targets
-
-
Target
415249faf38a84e4b180beafc0818a06fe43cb5a4c2843e37791235bdcd8f5eb
-
Size
4.6MB
-
MD5
dfb31f14a706185d829b9ee0b66791d9
-
SHA1
af12e57d25cf6e242e2a0e66f94ae36dac991a61
-
SHA256
415249faf38a84e4b180beafc0818a06fe43cb5a4c2843e37791235bdcd8f5eb
-
SHA512
ad1eadc24676cf56978233298f7dbc84d01f56df687fae90cfe2d615cb2681abcab3852efa9e14e6ff50adde8df3ba931a69c97119516700a0c1291e36a7b6f8
-
SSDEEP
98304:sdhBzl2TVTwymbvw1tf37IGTad+ESjS2Lkyj:sdETVTwymbUsGTfnjB4y
Score8/10-
Registers COM server for autorun
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-