General
-
Target
4309cf5fb9b2df3f0697a704dc8fa1764ecb5fc0c89ec0a49e4d62e7746650e1
-
Size
344KB
-
Sample
221125-crb7bahc2y
-
MD5
87a98db6af2353cc097dc85484f97ff8
-
SHA1
433ef975fd9cffd9ee28d87a01bc963392fb2acb
-
SHA256
4309cf5fb9b2df3f0697a704dc8fa1764ecb5fc0c89ec0a49e4d62e7746650e1
-
SHA512
da11af4d38b674249ff2368e4b90dcfd3d4fced3ebcac12a14aa22623f0d789ecdb386083181d5ca14040003854deaf194f167606bcbf6bcf5b2d2b696d7535c
-
SSDEEP
6144:Toe/JOO2Dmb894GIQzEmYrPUwWCh4ePil1CV+Pk0ylQLPJ2tPHQtmAx:ToecDe894ZQzrYrX5h4eKXCVyiEBwPHs
Static task
static1
Behavioral task
behavioral1
Sample
4309cf5fb9b2df3f0697a704dc8fa1764ecb5fc0c89ec0a49e4d62e7746650e1.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4309cf5fb9b2df3f0697a704dc8fa1764ecb5fc0c89ec0a49e4d62e7746650e1.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
4309cf5fb9b2df3f0697a704dc8fa1764ecb5fc0c89ec0a49e4d62e7746650e1
Score
10/10
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-