General
-
Target
dfed2e942aab4767d5f020e610af3c5a
-
Size
14.2MB
-
Sample
240326-x8mpladc2z
-
MD5
dfed2e942aab4767d5f020e610af3c5a
-
SHA1
a86022340dc6d493befc56872e4c1ce59834827d
-
SHA256
3af19adf78517630c224ba40e452dca69895b944e481a5964308271b882ddffe
-
SHA512
931b951590220d72fff7535f00cc1ec1ab40435c60aa1b522892ef1f84795ed05edf24d59226fdd1292bb0bfe0a4c2776a76a3ad34e4746d2a895654f0032bfa
-
SSDEEP
12288:9TvddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddR:5h
Malware Config
Targets
-
-
Target
dfed2e942aab4767d5f020e610af3c5a
-
Size
14.2MB
-
MD5
dfed2e942aab4767d5f020e610af3c5a
-
SHA1
a86022340dc6d493befc56872e4c1ce59834827d
-
SHA256
3af19adf78517630c224ba40e452dca69895b944e481a5964308271b882ddffe
-
SHA512
931b951590220d72fff7535f00cc1ec1ab40435c60aa1b522892ef1f84795ed05edf24d59226fdd1292bb0bfe0a4c2776a76a3ad34e4746d2a895654f0032bfa
-
SSDEEP
12288:9TvddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddR:5h
Score8/10-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-