General
-
Target
83d392cb13556b26a56b14252fd78b9c22d7cbae259148af63e17f36969b6fd0
-
Size
555KB
-
Sample
221126-s98agahh2y
-
MD5
64b4332c9f57ae4f9f08923f1e14ff99
-
SHA1
d4f6bc5c544a3553840b82da301c5a736590ac23
-
SHA256
83d392cb13556b26a56b14252fd78b9c22d7cbae259148af63e17f36969b6fd0
-
SHA512
22ebef8758d32b46f7dfa2f2e09aa0bad029e8fd8d401dcd97468f7ff368ec9c15935af4c70ad45e5c7b2b51fd13b283fd3ebc206cc6252e23a7a99126b8243d
-
SSDEEP
12288:QzDTo+c8NlvH0tGJjeM5u8v+VmlE2GLJ0up7bx:wxbP0tkaM5Rwm6200Wx
Malware Config
Targets
-
-
Target
83d392cb13556b26a56b14252fd78b9c22d7cbae259148af63e17f36969b6fd0
-
Size
555KB
-
MD5
64b4332c9f57ae4f9f08923f1e14ff99
-
SHA1
d4f6bc5c544a3553840b82da301c5a736590ac23
-
SHA256
83d392cb13556b26a56b14252fd78b9c22d7cbae259148af63e17f36969b6fd0
-
SHA512
22ebef8758d32b46f7dfa2f2e09aa0bad029e8fd8d401dcd97468f7ff368ec9c15935af4c70ad45e5c7b2b51fd13b283fd3ebc206cc6252e23a7a99126b8243d
-
SSDEEP
12288:QzDTo+c8NlvH0tGJjeM5u8v+VmlE2GLJ0up7bx:wxbP0tkaM5Rwm6200Wx
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-