outsteel | 9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e | Triage

Submit
Reports

Overview

overview

Static

static

9a72e56ac0...8e.exe

windows7_x64

9a72e56ac0...8e.exe

windows10-2004_x64

Sharing

General

Target

9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e
Size

737KB
Sample

220228-dvy1xsdac5
MD5

22840909e11530390e8f74c6a162ded1
SHA1

78d82f0ff396393e958553f25a47145916ea4e39
SHA256

9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e
SHA512

2a2214dc48b6942b19e439db189a9b2e7df6d91c26b24692fe370d552c70e828cb6d4ac344dc2fe36e08b0752e4ae8886f4d1f3f45970a65eaebae2d3069c130

Score

10^/10

outsteel spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e.exe

Resource

win7-20220223-en

outsteel spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e.exe

Resource

win10v2004-en-20220113

outsteel spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e
- Size
  
  737KB
- MD5
  
  22840909e11530390e8f74c6a162ded1
- SHA1
  
  78d82f0ff396393e958553f25a47145916ea4e39
- SHA256
  
  9a72e56ac0f1badd3ca761b53e9998a7e0525f2055dbec01d867f62bdb30418e
- SHA512
  
  2a2214dc48b6942b19e439db189a9b2e7df6d91c26b24692fe370d552c70e828cb6d4ac344dc2fe36e08b0752e4ae8886f4d1f3f45970a65eaebae2d3069c130
Score

10^/10

outsteel spyware stealer
- OutSteel
  OutSteel is a file uploader and document stealer written in AutoIT.
  stealer outsteel
- OutSteel batch script
  Detects batch script dropped by OutSteel
- Suspicious use of NtCreateProcessExOtherParentProcess
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

outsteelspywarestealer

behavioral2

outsteelspywarestealer

© 2018-2024

Terms | Privacy