General
-
Target
67527e9f75331a4e9fe01b38c5ee91b9c19df0a6dbe4098f58496744a0b55f71
-
Size
1.1MB
-
Sample
221202-wzdvnafc9t
-
MD5
f65fac3abb55ab1face9519ba539e936
-
SHA1
40a89c58912a8b9b9b16a9167d63179f603eefd4
-
SHA256
67527e9f75331a4e9fe01b38c5ee91b9c19df0a6dbe4098f58496744a0b55f71
-
SHA512
b54022c35f1d642996a57b0fb0f775b2de36e7545d1d5ffcc0c08e3fd8b49f4c03a89360a71b509c434cf6929f9de3eba96b1bbb4157f42e1199ed9aab502a73
-
SSDEEP
12288:IafeuuU1Jj/F7g1zjA9zPyKwrIEaIL1UEThBXS2O13u0rl14OtlLCLCSG5:d24zFMV85Py6b663zv5tlmLlO
Malware Config
Targets
-
-
Target
67527e9f75331a4e9fe01b38c5ee91b9c19df0a6dbe4098f58496744a0b55f71
-
Size
1.1MB
-
MD5
f65fac3abb55ab1face9519ba539e936
-
SHA1
40a89c58912a8b9b9b16a9167d63179f603eefd4
-
SHA256
67527e9f75331a4e9fe01b38c5ee91b9c19df0a6dbe4098f58496744a0b55f71
-
SHA512
b54022c35f1d642996a57b0fb0f775b2de36e7545d1d5ffcc0c08e3fd8b49f4c03a89360a71b509c434cf6929f9de3eba96b1bbb4157f42e1199ed9aab502a73
-
SSDEEP
12288:IafeuuU1Jj/F7g1zjA9zPyKwrIEaIL1UEThBXS2O13u0rl14OtlLCLCSG5:d24zFMV85Py6b663zv5tlmLlO
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-