General
-
Target
18773fe84558551679ec26dc05c7ecf4d1e035790f0a2cb13c934e309c5b0e75
-
Size
444KB
-
Sample
221129-xw5pmsge69
-
MD5
327e81baa6ab91ba7d61306422cdcc39
-
SHA1
0e2c0f371b55ea054972fdfe4aaafacc7dade157
-
SHA256
18773fe84558551679ec26dc05c7ecf4d1e035790f0a2cb13c934e309c5b0e75
-
SHA512
084a014e33dc92a4a6e29357834515d6c41fa69d3ff5d537eca20d221c68d1b00d0e655181b7735e617c27d03194c8641415693d69f661d4f2c0dd4fb78ca3bc
-
SSDEEP
12288:Iq8q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:/8czc3Ywt8XzNxagaClz
Malware Config
Targets
-
-
Target
18773fe84558551679ec26dc05c7ecf4d1e035790f0a2cb13c934e309c5b0e75
-
Size
444KB
-
MD5
327e81baa6ab91ba7d61306422cdcc39
-
SHA1
0e2c0f371b55ea054972fdfe4aaafacc7dade157
-
SHA256
18773fe84558551679ec26dc05c7ecf4d1e035790f0a2cb13c934e309c5b0e75
-
SHA512
084a014e33dc92a4a6e29357834515d6c41fa69d3ff5d537eca20d221c68d1b00d0e655181b7735e617c27d03194c8641415693d69f661d4f2c0dd4fb78ca3bc
-
SSDEEP
12288:Iq8q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:/8czc3Ywt8XzNxagaClz
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-