General
-
Target
061b38935d41c3bbe29ac03ca7de53ba7df299658c4b014fbc693d37e6a2f2b2
-
Size
2.1MB
-
Sample
221128-r74ntsbe76
-
MD5
d598c6379b8ec0812c99a7ee681ddb11
-
SHA1
ca47c638a1ac9661c3f4da9c999ecc3c0d3a035a
-
SHA256
061b38935d41c3bbe29ac03ca7de53ba7df299658c4b014fbc693d37e6a2f2b2
-
SHA512
de48ca9b7e49b1617c03ad2ee062a4f9a8b6dd5da1cb7d0087baf0abb27cf0f1ab49bb41cc8797787e11d97f7002cc9e70abf2c7c90e531d76bca54e1ff4f245
-
SSDEEP
49152:h1Os4NQToNVxbNrInKtDSwSm7CXH9e7q4KzHT12eoJGmkEEn:h1ODNQUNVxNpSmGXkIjKGn
Malware Config
Targets
-
-
Target
061b38935d41c3bbe29ac03ca7de53ba7df299658c4b014fbc693d37e6a2f2b2
-
Size
2.1MB
-
MD5
d598c6379b8ec0812c99a7ee681ddb11
-
SHA1
ca47c638a1ac9661c3f4da9c999ecc3c0d3a035a
-
SHA256
061b38935d41c3bbe29ac03ca7de53ba7df299658c4b014fbc693d37e6a2f2b2
-
SHA512
de48ca9b7e49b1617c03ad2ee062a4f9a8b6dd5da1cb7d0087baf0abb27cf0f1ab49bb41cc8797787e11d97f7002cc9e70abf2c7c90e531d76bca54e1ff4f245
-
SSDEEP
49152:h1Os4NQToNVxbNrInKtDSwSm7CXH9e7q4KzHT12eoJGmkEEn:h1ODNQUNVxNpSmGXkIjKGn
Score8/10-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-