General
-
Target
a7795dca94bd4feb3b169329836cf0a02b1370ebc1a9870e15252e9670445266
-
Size
511KB
-
Sample
221130-g3gndsgf8z
-
MD5
27357af54e7d75be14a4e38ba4f3fbd0
-
SHA1
0722e3a0c887828268298f4ca020e610d8f1eb28
-
SHA256
a7795dca94bd4feb3b169329836cf0a02b1370ebc1a9870e15252e9670445266
-
SHA512
443d52d0f1b9073f50a421176ee044bbb7d324fe2237a8ced74d9a740d54c34ee6d099d462455f697507805633d4d829bef45b1a00536cd87c991bc3616e9bae
-
SSDEEP
12288:ZBEvmTCqFe9uIUmsRA/AfK+0iOihXYvS0Tk/uyyVEok:PAiFLIkAIf6iJkS0Tkuyt
Malware Config
Targets
-
-
Target
a7795dca94bd4feb3b169329836cf0a02b1370ebc1a9870e15252e9670445266
-
Size
511KB
-
MD5
27357af54e7d75be14a4e38ba4f3fbd0
-
SHA1
0722e3a0c887828268298f4ca020e610d8f1eb28
-
SHA256
a7795dca94bd4feb3b169329836cf0a02b1370ebc1a9870e15252e9670445266
-
SHA512
443d52d0f1b9073f50a421176ee044bbb7d324fe2237a8ced74d9a740d54c34ee6d099d462455f697507805633d4d829bef45b1a00536cd87c991bc3616e9bae
-
SSDEEP
12288:ZBEvmTCqFe9uIUmsRA/AfK+0iOihXYvS0Tk/uyyVEok:PAiFLIkAIf6iJkS0Tkuyt
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-