General
-
Target
79a10526b6ec5da00800657516c9d6f5c562168bc71a3b00a998134326e97a78
-
Size
962KB
-
Sample
221126-ej2s4saf38
-
MD5
3cf6b656e35d104433107102910ac4e8
-
SHA1
56ed850ada396ecc42a2c6f25ff98d542f0bc24f
-
SHA256
79a10526b6ec5da00800657516c9d6f5c562168bc71a3b00a998134326e97a78
-
SHA512
d1c2e67a92e719c2af2546844c6133768ecc4ffcd8e8e32d375eeb918b85a1ba1c65b7f9ce4ffa2e02dcb4d4b47b593e7c22370a7077a7caaf0434a2f2b3998d
-
SSDEEP
12288:uaWzgMg7v3qnCiMErQohh0F4CCJ8lny/QgurY9oGE15jSsFZyoopXPRpSD0y:ZaHMv6Corjqny/QgU2oRNFZyoG5pSDl
Malware Config
Targets
-
-
Target
79a10526b6ec5da00800657516c9d6f5c562168bc71a3b00a998134326e97a78
-
Size
962KB
-
MD5
3cf6b656e35d104433107102910ac4e8
-
SHA1
56ed850ada396ecc42a2c6f25ff98d542f0bc24f
-
SHA256
79a10526b6ec5da00800657516c9d6f5c562168bc71a3b00a998134326e97a78
-
SHA512
d1c2e67a92e719c2af2546844c6133768ecc4ffcd8e8e32d375eeb918b85a1ba1c65b7f9ce4ffa2e02dcb4d4b47b593e7c22370a7077a7caaf0434a2f2b3998d
-
SSDEEP
12288:uaWzgMg7v3qnCiMErQohh0F4CCJ8lny/QgurY9oGE15jSsFZyoopXPRpSD0y:ZaHMv6Corjqny/QgU2oRNFZyoG5pSDl
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-