General
Target: b0f3f4676919d5dc7ede4751c992e0967d314c12eb293550e6b5276f240fbdbd
Size: 340KB
Sample: 220308-l3q92sgbgk
MD5: ffd927fb549107e61816ec642c1644f7
SHA1: 921da95687dce6557f17c1b5a19a68d593bdc5d5
SHA256: b0f3f4676919d5dc7ede4751c992e0967d314c12eb293550e6b5276f240fbdbd
SHA512: c7b82fb88524a88f00c0328947dce499ad41c99d243874bc8e4b5411e413a7cab5a68f8716f4008f39a74b510f9502082e2c3ddd51138f0777435d1ee6a6eeb9

Static task: static1

Behavioral task: behavioral1
Sample: b0f3f4676919d5dc7ede4751c992e0967d314c12eb293550e6b5276f240fbdbd.exe
Resource: win7-20220223-en

Behavioral task: behavioral2
Sample: b0f3f4676919d5dc7ede4751c992e0967d314c12eb293550e6b5276f240fbdbd.exe
Resource: win10v2004-en-20220112

Malware Config
Targets
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

ISR Stealer Payload

NirSoft MailPassView
Password recovery tool for various email clients

Nirsoft

Executes dropped EXE

Loads dropped DLL

Accesses Microsoft Outlook accounts

Adds Run key to start application

Suspicious use of SetThreadContext