General
-
Target
fb0b0b34e17504a0d8ab823365fc89d9587e09731382b5988cd1c2c30354b87d
-
Size
266KB
-
Sample
221021-ykws2adbcl
-
MD5
5c8591a81043226eb3e4f57bd28bd690
-
SHA1
d10b73d09e0673da549252b71267c2558ac76676
-
SHA256
fb0b0b34e17504a0d8ab823365fc89d9587e09731382b5988cd1c2c30354b87d
-
SHA512
101d3886c26522ba75b56e0da6fc2a5236626e4dd7e9d97567192a580737fc78184baf3e911da04044212ddc27a204d95072a75cdb47cd2bd57c1f8f26ffe2dd
-
SSDEEP
6144:/U2mLgw24La6nPwJjs9wpzknoI/EquGVFV1PKVqU/LkI95Zf2:/nR0amKjLkIU7zCV3j15Q
Malware Config
Targets
-
-
Target
fb0b0b34e17504a0d8ab823365fc89d9587e09731382b5988cd1c2c30354b87d
-
Size
266KB
-
MD5
5c8591a81043226eb3e4f57bd28bd690
-
SHA1
d10b73d09e0673da549252b71267c2558ac76676
-
SHA256
fb0b0b34e17504a0d8ab823365fc89d9587e09731382b5988cd1c2c30354b87d
-
SHA512
101d3886c26522ba75b56e0da6fc2a5236626e4dd7e9d97567192a580737fc78184baf3e911da04044212ddc27a204d95072a75cdb47cd2bd57c1f8f26ffe2dd
-
SSDEEP
6144:/U2mLgw24La6nPwJjs9wpzknoI/EquGVFV1PKVqU/LkI95Zf2:/nR0amKjLkIU7zCV3j15Q
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-