General
-
Target
4fa0120232fbaed41bc4039a63818e0cd05cbf386e3198da8551c7ea390ce3dc
-
Size
1.1MB
-
Sample
221123-lwxhgsfh3w
-
MD5
0978c0afb277d9b7d385877d337ce00d
-
SHA1
4bc4c1cb8ca4c7be485f86cc9f5de65bf92a3af2
-
SHA256
4fa0120232fbaed41bc4039a63818e0cd05cbf386e3198da8551c7ea390ce3dc
-
SHA512
e0ce1d5e8ed831bb8ec767b3db7865afa90bf2f7b3c1c13a09ccf95b8d7d969a9a53a26fe65ce0a37cf55cb11dc90acfe01962d9ef423fcb2b13f8da925998b7
-
SSDEEP
24576:8RmJkqoQrilOIQ+yMxGaCyM0SQOb/yIwhCtS:tJXoQryTiMxGaCLOOb/yhQS
Malware Config
Targets
-
-
Target
4fa0120232fbaed41bc4039a63818e0cd05cbf386e3198da8551c7ea390ce3dc
-
Size
1.1MB
-
MD5
0978c0afb277d9b7d385877d337ce00d
-
SHA1
4bc4c1cb8ca4c7be485f86cc9f5de65bf92a3af2
-
SHA256
4fa0120232fbaed41bc4039a63818e0cd05cbf386e3198da8551c7ea390ce3dc
-
SHA512
e0ce1d5e8ed831bb8ec767b3db7865afa90bf2f7b3c1c13a09ccf95b8d7d969a9a53a26fe65ce0a37cf55cb11dc90acfe01962d9ef423fcb2b13f8da925998b7
-
SSDEEP
24576:8RmJkqoQrilOIQ+yMxGaCyM0SQOb/yIwhCtS:tJXoQryTiMxGaCLOOb/yhQS
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-