General
-
Target
7f8351c90a9210d7426d79e7698589a4
-
Size
250KB
-
Sample
231226-vrc3qahde9
-
MD5
7f8351c90a9210d7426d79e7698589a4
-
SHA1
fb9ff0c05b19ebcaf6cf2104e995624d591e0475
-
SHA256
4f5e41254147d87d56bada78cc319c8a8eaeb1ae8ef7b2d31dfc645c05a07009
-
SHA512
eaafe46293960db90faad9fad101b53c6eea89e85bf3f2c1aa0739ac411b0d52a7e37e682663aaa406ad5bb794d0de5ff3bed95a072bf5f2496172ec7c9bdc89
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5EPlc7BdArSfIVP6qgpJM+tdaPjk:h1OgLdaOmc7vfIVP6fIjjk
Malware Config
Targets
-
-
Target
7f8351c90a9210d7426d79e7698589a4
-
Size
250KB
-
MD5
7f8351c90a9210d7426d79e7698589a4
-
SHA1
fb9ff0c05b19ebcaf6cf2104e995624d591e0475
-
SHA256
4f5e41254147d87d56bada78cc319c8a8eaeb1ae8ef7b2d31dfc645c05a07009
-
SHA512
eaafe46293960db90faad9fad101b53c6eea89e85bf3f2c1aa0739ac411b0d52a7e37e682663aaa406ad5bb794d0de5ff3bed95a072bf5f2496172ec7c9bdc89
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5EPlc7BdArSfIVP6qgpJM+tdaPjk:h1OgLdaOmc7vfIVP6fIjjk
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-