General
Target
dee9478ff171d4d8f8613b8718aa99d5ec861e382bae1db7843c3b8d76a8b57a
Size
700KB
Sample
221123-lzh49sga8w
MD5
13d9caa0db8d9776cc8c44f6abe99d17
SHA1
24314ef4ffef519d1b07a0aca214394c05a4b817
SHA256
dee9478ff171d4d8f8613b8718aa99d5ec861e382bae1db7843c3b8d76a8b57a
SHA512
0784785f262f657d942c3ddad0f631f1c81d153fd2764bc93f5568fa3c44eaa53fc86ca48c2d782dae7348078f17e89e98664f2f79fb02276b20b853f415cc09
SSDEEP
12288:PhGkvOy+NLEAhWNMs1gFYaex8Y9pbivMM5IB0dX0OQZdol/9YLbuoY:PhLR+qAhHsCY8YpSbOuX0xZACa5
Static task
static1
Behavioral task
behavioral1
Sample
dee9478ff171d4d8f8613b8718aa99d5ec861e382bae1db7843c3b8d76a8b57a.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
dee9478ff171d4d8f8613b8718aa99d5ec861e382bae1db7843c3b8d76a8b57a.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
dee9478ff171d4d8f8613b8718aa99d5ec861e382bae1db7843c3b8d76a8b57a
Score
9/10
NirSoft MailPassView
Password recovery tool for various email clients
Nirsoft
Accesses Microsoft Outlook accounts
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext