General
-
Target
f8be227a3ee9342184e540cc6f435b3121e56c3fe1e4d6a9bb4351d8f82bb021
-
Size
485KB
-
Sample
221127-rw1g2adh97
-
MD5
62841697da27359623d72d5badf5d92b
-
SHA1
8f359a32c968c8704f312161de0045571aa115ba
-
SHA256
f8be227a3ee9342184e540cc6f435b3121e56c3fe1e4d6a9bb4351d8f82bb021
-
SHA512
a75e6d2acbdc37ce71fc8955a9f44b17bc18b29a0cc2f1acd6961b304e6679fbeac21f9943668896c6381c57185766b3cecb3da76f1188c08d8f0022d0346c33
-
SSDEEP
6144:JTWL/Jgcp+ZzyzEIPJhtQcYhND0NVVXZuuxrBGyMifRiyR4Kal6F4:YL3+ozPXtONQTJ8uFkyMipiyaKaU
Static task
static1
Behavioral task
behavioral1
Sample
f8be227a3ee9342184e540cc6f435b3121e56c3fe1e4d6a9bb4351d8f82bb021.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
f8be227a3ee9342184e540cc6f435b3121e56c3fe1e4d6a9bb4351d8f82bb021.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
Score 10/10
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer, written in Visual Basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-