General
-
Target
512136a03f5b36d767e7486d5658c699e70ee26377082ffe2e13f092fbfa1e35
-
Size
1005KB
-
Sample
221121-3ght8aeh5w
-
MD5
5e873f5f00c6dcf97b3fd8d39297624a
-
SHA1
8eec93ee2f37ef18e4087fd43ad806685d6038ec
-
SHA256
512136a03f5b36d767e7486d5658c699e70ee26377082ffe2e13f092fbfa1e35
-
SHA512
65526acd332a9db5b262c4c3d5915a9fd409f50dd5759aa4d0a6942a1a05c010a647c1cd2bba06505e5adcb0f9db6d3902ca13e0d2292a5aafd3c8a5671e74c8
-
SSDEEP
24576:RthEVaPqLVmmuIvLk6i63C68UQUQtbrcJcXhO88+PUlc49MCasdLphAIGAX9hj9w:JEVUc4mdzYh
Behavioral task
behavioral1
Sample
512136a03f5b36d767e7486d5658c699e70ee26377082ffe2e13f092fbfa1e35.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
512136a03f5b36d767e7486d5658c699e70ee26377082ffe2e13f092fbfa1e35.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
Score
10/10
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-