General
-
Target
c4b4d10e9d967a006505907d46fa42354ffca0cce0987cf629708ea780260e40
-
Size
444KB
-
Sample
221129-d7wfkabh52
-
MD5
8c25b72212c4f8c22abe23a178b672f4
-
SHA1
fbe6d93d1d0df007b5436ee8d89da4e9881e2da9
-
SHA256
c4b4d10e9d967a006505907d46fa42354ffca0cce0987cf629708ea780260e40
-
SHA512
524b2d8cd6975d078a9beaae5d2639e609b868625ca4136c44c876f401b6b8f6a612535f3708d55812ea9adcec8fdefe7dc0ff79b783a594caac56c1518585df
-
SSDEEP
12288:Xq5q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:65czc3Ywt8XzNxagaClz
Malware Config
Targets
-
-
Target
c4b4d10e9d967a006505907d46fa42354ffca0cce0987cf629708ea780260e40
-
Size
444KB
-
MD5
8c25b72212c4f8c22abe23a178b672f4
-
SHA1
fbe6d93d1d0df007b5436ee8d89da4e9881e2da9
-
SHA256
c4b4d10e9d967a006505907d46fa42354ffca0cce0987cf629708ea780260e40
-
SHA512
524b2d8cd6975d078a9beaae5d2639e609b868625ca4136c44c876f401b6b8f6a612535f3708d55812ea9adcec8fdefe7dc0ff79b783a594caac56c1518585df
-
SSDEEP
12288:Xq5q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:65czc3Ywt8XzNxagaClz
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-