General
-
Target
135f7ef114afc711cf3af9d8cb7014cf2f9961b3f0d8da9c68a79da4d49c10ae
-
Size
283KB
-
Sample
221029-hfaf8seea3
-
MD5
2ba128fc308441e761ac3e5872e5e0a2
-
SHA1
8aafa7a13aa0f512fb2dab1764dd952c4b036878
-
SHA256
135f7ef114afc711cf3af9d8cb7014cf2f9961b3f0d8da9c68a79da4d49c10ae
-
SHA512
8ec3958e62a6798bc9bb3d8da07e21ebd649a5ebec0358c1d507343735aa57762f343ebe78f8aa75fbb7bfcd6bfda22e96f95f136124f8b008b519413d691b9f
-
SSDEEP
6144:2VDKtNH8DLIYbeAV6lLsV7TA4JMgPwShfQcEqzhpioa3tM:sutx8DLIYbdGgI6f6qzhpba2
Malware Config
Targets
-
-
Target
135f7ef114afc711cf3af9d8cb7014cf2f9961b3f0d8da9c68a79da4d49c10ae
-
Size
283KB
-
MD5
2ba128fc308441e761ac3e5872e5e0a2
-
SHA1
8aafa7a13aa0f512fb2dab1764dd952c4b036878
-
SHA256
135f7ef114afc711cf3af9d8cb7014cf2f9961b3f0d8da9c68a79da4d49c10ae
-
SHA512
8ec3958e62a6798bc9bb3d8da07e21ebd649a5ebec0358c1d507343735aa57762f343ebe78f8aa75fbb7bfcd6bfda22e96f95f136124f8b008b519413d691b9f
-
SSDEEP
6144:2VDKtNH8DLIYbeAV6lLsV7TA4JMgPwShfQcEqzhpioa3tM:sutx8DLIYbdGgI6f6qzhpba2
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-