General
-
Target
9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
-
Size
710KB
-
Sample
221205-1776pafd8z
-
MD5
d2928d7db45a8895e7404c3b49fa6ac5
-
SHA1
d7df95b2ac36f876bdecc3c7892b78e26a959ff5
-
SHA256
9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
-
SHA512
a1e13d8af6b28d50a603bbc9c22737f410412b5733181e6d3a07449b26da108130c88d1257bb7587b5e979250c312956c43d7b5643e4af8da8401ac6d8b58979
-
SSDEEP
12288:JEhcgYSBegjUnKywvQN6E8W0ILdf5PXsh/rap7gFbujDj3WUOs4qjQXGB64863uM:JsjUA5KVdfyh/+1gduaUOs49XGB64Vo4
Malware Config
Targets
-
-
Target
9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
-
Size
710KB
-
MD5
d2928d7db45a8895e7404c3b49fa6ac5
-
SHA1
d7df95b2ac36f876bdecc3c7892b78e26a959ff5
-
SHA256
9117aeeb03ec7c3c491e1c991ec2fd6d009b751532a71c1b5846c2cb3024c023
-
SHA512
a1e13d8af6b28d50a603bbc9c22737f410412b5733181e6d3a07449b26da108130c88d1257bb7587b5e979250c312956c43d7b5643e4af8da8401ac6d8b58979
-
SSDEEP
12288:JEhcgYSBegjUnKywvQN6E8W0ILdf5PXsh/rap7gFbujDj3WUOs4qjQXGB64863uM:JsjUA5KVdfyh/+1gduaUOs49XGB64Vo4
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-