General
-
Target
cb17b68606afa1e5ab65fd6fe4552dcb855d17f04255e9ba87f1577e38db9790
-
Size
444KB
-
Sample
221202-kqjtrsbb45
-
MD5
eaa0dd1f899f3f3ca4a6d86b53bfca52
-
SHA1
98cd1f7402446ff487b744120d5a7084713a87a0
-
SHA256
cb17b68606afa1e5ab65fd6fe4552dcb855d17f04255e9ba87f1577e38db9790
-
SHA512
65b59b259cf1eccdc443d19d3499e02994b4275e9df8c8268896355f76a1fd25e702138bc03eb77c1bbfc28483b04026a4916dc7f630bdac7ae7d595a6afbc0a
-
SSDEEP
12288:Kq8q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:x8czc3Ywt8XzNxagaClz
Malware Config
Targets
-
-
Target
cb17b68606afa1e5ab65fd6fe4552dcb855d17f04255e9ba87f1577e38db9790
-
Size
444KB
-
MD5
eaa0dd1f899f3f3ca4a6d86b53bfca52
-
SHA1
98cd1f7402446ff487b744120d5a7084713a87a0
-
SHA256
cb17b68606afa1e5ab65fd6fe4552dcb855d17f04255e9ba87f1577e38db9790
-
SHA512
65b59b259cf1eccdc443d19d3499e02994b4275e9df8c8268896355f76a1fd25e702138bc03eb77c1bbfc28483b04026a4916dc7f630bdac7ae7d595a6afbc0a
-
SSDEEP
12288:Kq8q3C4c0C3jaJBaPHaKx8Xk8NxagaElleY:x8czc3Ywt8XzNxagaClz
Score9/10-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-