General
-
Target
RFQ TENDER #PR7411309987989787986876787567575654545400009998776878988998889898888787767787786766.exe
-
Size
436KB
-
Sample
211201-qb3afscccp
-
MD5
00ca9e7e127f8130d4859f40da293efd
-
SHA1
4c7a8508f0e061242aaf0e3da2de863e895099b3
-
SHA256
13b7657338e0e642fb260eb64d8efdf69e903005ca35916de4685d1144435d22
-
SHA512
e3d9eb529ab3042b50e6fe963fb7d6bc0f9c709dc9d9a7a636805810cd69f1bdf402d7f9478acdad31859e117d2d83c65590ee18bb29e5a1d35f27d97b64ce94
Static task
static1
Behavioral task
behavioral1
Sample
RFQ TENDER #PR7411309987989787986876787567575654545400009998776878988998889898888787767787786766.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
RFQ TENDER #PR7411309987989787986876787567575654545400009998776878988998889898888787767787786766.exe
Resource
win10-en-20211104
Malware Config
Targets
-
-
Target
RFQ TENDER #PR7411309987989787986876787567575654545400009998776878988998889898888787767787786766.exe
-
Score
10/10
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer Payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-