General
-
Target
8e4706364a18071abeaabb5a40a08b43205e77ff7955c6a933efe1f93a3507d5
-
Size
247KB
-
Sample
221030-t1x9ksbahk
-
MD5
81ab97fdd0660d08d6f6334116431309
-
SHA1
0e99bc5fab08cc8b1d379d3addef0f96c3196f3a
-
SHA256
8e4706364a18071abeaabb5a40a08b43205e77ff7955c6a933efe1f93a3507d5
-
SHA512
0d94e66a01f5a4228460bca3d5ed040c585aa4d9ef1f9777e6471b3909cd09ebaedfe3d619005af16bff5e7da8e43dff4ac8b0e4d0c5f39214fde76bf319119e
-
SSDEEP
6144:f4Ma4fmYPR06+8pB+3Qsu0wtSZvTEiqjmxCm3rF:zN06+84Qs+t6z
Malware Config
Targets
-
-
Target
8e4706364a18071abeaabb5a40a08b43205e77ff7955c6a933efe1f93a3507d5
-
Size
247KB
-
MD5
81ab97fdd0660d08d6f6334116431309
-
SHA1
0e99bc5fab08cc8b1d379d3addef0f96c3196f3a
-
SHA256
8e4706364a18071abeaabb5a40a08b43205e77ff7955c6a933efe1f93a3507d5
-
SHA512
0d94e66a01f5a4228460bca3d5ed040c585aa4d9ef1f9777e6471b3909cd09ebaedfe3d619005af16bff5e7da8e43dff4ac8b0e4d0c5f39214fde76bf319119e
-
SSDEEP
6144:f4Ma4fmYPR06+8pB+3Qsu0wtSZvTEiqjmxCm3rF:zN06+84Qs+t6z
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-