General
-
Target
12a4c0879701952177f363438df9b2a1
-
Size
250KB
-
Sample
231225-klhe5scefm
-
MD5
12a4c0879701952177f363438df9b2a1
-
SHA1
0a7cb0741d7b629f92ef98906e4ca6c065e99ff6
-
SHA256
47fdc97a48dbcf7547ec02db985f82c35ef69dfbeb2d7adf4c259d6c01233d08
-
SHA512
f727fe3e9d4309f89a6ce196bc5b74321aa5582d28e84f6de2c9391fb694431db1d2f89acfd7a461338179b236990a24791ead442664e1e04f758e9a4f0b607d
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5Vsp1I1CyBBx8dgDm6saKP/Rnoq8UyR:h1OgLdaOgKCI86Dm64CHUyR
Malware Config
Targets
-
-
Target
12a4c0879701952177f363438df9b2a1
-
Size
250KB
-
MD5
12a4c0879701952177f363438df9b2a1
-
SHA1
0a7cb0741d7b629f92ef98906e4ca6c065e99ff6
-
SHA256
47fdc97a48dbcf7547ec02db985f82c35ef69dfbeb2d7adf4c259d6c01233d08
-
SHA512
f727fe3e9d4309f89a6ce196bc5b74321aa5582d28e84f6de2c9391fb694431db1d2f89acfd7a461338179b236990a24791ead442664e1e04f758e9a4f0b607d
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5Vsp1I1CyBBx8dgDm6saKP/Rnoq8UyR:h1OgLdaOgKCI86Dm64CHUyR
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-