General
-
Target
3db7b2974cb01c3cc9c32645c7ba55a6bfb202f20cf7518fce62559cf5652586
-
Size
575KB
-
Sample
220701-r4b5eagfcq
-
MD5
218117f81f698d56e25733fd02d2e5ce
-
SHA1
be6c6761a37fe079fd203f5b131c029164de5b69
-
SHA256
3db7b2974cb01c3cc9c32645c7ba55a6bfb202f20cf7518fce62559cf5652586
-
SHA512
4960eba24f3176f671b5bcec66d65b9372dec59aa078db2fbac31ad56dc39aede818b5f20d4efbd43222fb9d9b241b58008610cf997f7d8ece2799363fd5d659
Static task
static1
Behavioral task
behavioral1
Sample
IMPORT-BOOKING DETAILS.xls.bit.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
IMPORT-BOOKING DETAILS.xls.bit.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
Target
IMPORT-BOOKING DETAILS.xls.bit.exe
-
Size
942KB
-
MD5
056347ef33d8723e7fe77e03809ea6a8
-
SHA1
fd00800bb7f4a0499742eb5ee71427fdef5e0592
-
SHA256
09abaa1b12ae6d7ed845027756e8852a39ac0a75fecf53f76c08ce48bdf58b91
-
SHA512
10eb88ef51562bad7664e2ab7fd1da5eeaea8a2c1e3a70fe61cc83c4dfa8bff2e7389c719cb4ad443ed3fba43e5cd7a87391b041c08f7e58f4dce8781d0e552e
Score
10/10
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer Payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Drops startup file
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-