General
-
Target
cd8153855d4094d525b6675e7a4a4316ba5e067327e7c4238b37a705d2a02f8b
-
Size
312KB
-
Sample
221201-lglsfaed63
-
MD5
8edc409455c9eb7067a80d4ae34f0e4d
-
SHA1
3cd04dc81adba86573b229e6b10b8775f325bd86
-
SHA256
cd8153855d4094d525b6675e7a4a4316ba5e067327e7c4238b37a705d2a02f8b
-
SHA512
4fd98dad5aa619ec5cf8095a8f0606e8b383be85c8dc0d15db6a5402ff8a9a284b8438a73f6a20a4e59d198bed86045da696f2ca69475dc8d6689675fd009989
-
SSDEEP
6144://5EiUy8zxic4uYcSCLdbNsjbrfMYRtQ0jDqLlpg://2iUyGx3JTslQ0jDqLl
Malware Config
Targets
-
-
Target
cd8153855d4094d525b6675e7a4a4316ba5e067327e7c4238b37a705d2a02f8b
-
Size
312KB
-
MD5
8edc409455c9eb7067a80d4ae34f0e4d
-
SHA1
3cd04dc81adba86573b229e6b10b8775f325bd86
-
SHA256
cd8153855d4094d525b6675e7a4a4316ba5e067327e7c4238b37a705d2a02f8b
-
SHA512
4fd98dad5aa619ec5cf8095a8f0606e8b383be85c8dc0d15db6a5402ff8a9a284b8438a73f6a20a4e59d198bed86045da696f2ca69475dc8d6689675fd009989
-
SSDEEP
6144://5EiUy8zxic4uYcSCLdbNsjbrfMYRtQ0jDqLlpg://2iUyGx3JTslQ0jDqLl
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-