General
-
Target
1918ba035ceed2eff54414b41725111a
-
Size
250KB
-
Sample
231230-p3284aebe5
-
MD5
1918ba035ceed2eff54414b41725111a
-
SHA1
c13c3b6b0c0e246d26e2436b3a667a92f211bd35
-
SHA256
41bec227b7b086842adcceac23c108cb12b2f4e16fb7d7ef66f7bd482f853064
-
SHA512
1d3becd2757daff38c5d7d8a946a3880488db89f2f50e487d0345964af53391a772f385f7d14ae95f2fa4b6a91f4c5b186e8d1b706de62325e071587505e06f5
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5XJ546KLSFBlwNPu:h1OgLdaOXJ2nsBleG
Malware Config
Targets
-
-
Target
1918ba035ceed2eff54414b41725111a
-
Size
250KB
-
MD5
1918ba035ceed2eff54414b41725111a
-
SHA1
c13c3b6b0c0e246d26e2436b3a667a92f211bd35
-
SHA256
41bec227b7b086842adcceac23c108cb12b2f4e16fb7d7ef66f7bd482f853064
-
SHA512
1d3becd2757daff38c5d7d8a946a3880488db89f2f50e487d0345964af53391a772f385f7d14ae95f2fa4b6a91f4c5b186e8d1b706de62325e071587505e06f5
-
SSDEEP
6144:h1OgDPdkBAFZWjadD4s5XJ546KLSFBlwNPu:h1OgLdaOXJ2nsBleG
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-