General
-
Target
6bc751fc3cb92bf34c2567917b7554a3
-
Size
255KB
-
Sample
231226-nv8kgaefej
-
MD5
6bc751fc3cb92bf34c2567917b7554a3
-
SHA1
5e113e799983b1538bfe0a201c6dcd50eaf78a32
-
SHA256
ebfa0c977a44b115369beb40e4d982929a2f4c474690da6991f191ff8670a1fb
-
SHA512
cfcabdbb86055673a4abe79acb97ee1e254f552a048b430ac8b67076a725b2e2dbf0e22653894cc225746451e2a0f827d3a3ac255fd3d7386602f93aee636cd2
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5XacWhBHqlKAKM8FJfwPZxtPc3:h1OgLdaOX6qlKAKM8FGPntI
Malware Config
Targets
-
-
Target
6bc751fc3cb92bf34c2567917b7554a3
-
Size
255KB
-
MD5
6bc751fc3cb92bf34c2567917b7554a3
-
SHA1
5e113e799983b1538bfe0a201c6dcd50eaf78a32
-
SHA256
ebfa0c977a44b115369beb40e4d982929a2f4c474690da6991f191ff8670a1fb
-
SHA512
cfcabdbb86055673a4abe79acb97ee1e254f552a048b430ac8b67076a725b2e2dbf0e22653894cc225746451e2a0f827d3a3ac255fd3d7386602f93aee636cd2
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5XacWhBHqlKAKM8FJfwPZxtPc3:h1OgLdaOX6qlKAKM8FGPntI
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-