General
-
Target
8b5a7090e81e9daa36d8fd8014584ea4f25e9c9b82c9114707c15c1c14114bdf
-
Size
925KB
-
Sample
221130-yr9cpsdg6s
-
MD5
b44ce3373ae42a70e0b05f6c187d63fb
-
SHA1
a84bf89d410d5de6c36acbc6f18ad7898234961e
-
SHA256
8b5a7090e81e9daa36d8fd8014584ea4f25e9c9b82c9114707c15c1c14114bdf
-
SHA512
c71ecef2b1060c8fe91c0864612dbe3a4df1680e5ddd0d0caae944099ab018509a06fb3b1aa3030f47ab33671d3fdda4ac62d0abb72ba08e4508e65cee07679b
-
SSDEEP
24576:gRmJkcoQricOIQxiZY1iaYbbg0MqCnzOWpLC:VJZoQrbTFZY1iaYbsFni6C
Static task
static1
Behavioral task
behavioral1
Sample
8b5a7090e81e9daa36d8fd8014584ea4f25e9c9b82c9114707c15c1c14114bdf.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
8b5a7090e81e9daa36d8fd8014584ea4f25e9c9b82c9114707c15c1c14114bdf.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
8b5a7090e81e9daa36d8fd8014584ea4f25e9c9b82c9114707c15c1c14114bdf
-
Score
10/10
-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-