General
-
Target
0f336f04ace148f1dd70a9f020d37848f1855b7a6b6b48a81e25805ef8117e5b
-
Size
1020KB
-
Sample
221128-xd6tzsgd78
-
MD5
4cc2c1d4268028ca0136799bb36408a0
-
SHA1
16fbc62b9334ec6c9f423f560c11f276b4d42cc1
-
SHA256
0f336f04ace148f1dd70a9f020d37848f1855b7a6b6b48a81e25805ef8117e5b
-
SHA512
901a81c3e62958f7327c9776b8e8181b3313e2042d4d7f75b9cfdc9f43dca4406b2cc2aaae12848256029f75eb56f58219e9add59e0d3bc1c408e6e39a92f2d0
-
SSDEEP
24576:WB5eCXf8iMnx4GER5XisEshTK0imdCGzEEaeZ1/8Dl:WqmJMnxKjieNKLYEEaw/M
Static task
static1
Behavioral task
behavioral1
Sample
0f336f04ace148f1dd70a9f020d37848f1855b7a6b6b48a81e25805ef8117e5b.exe
Resource
win7-20221111-en
Malware Config
Targets
-
Target
0f336f04ace148f1dd70a9f020d37848f1855b7a6b6b48a81e25805ef8117e5b
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
Uses the VBS compiler for execution
-
Accesses Microsoft Outlook accounts
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-