General
-
Target
ccf8570f8cc95e0c5c12ed9625bf62b39ade884e4a89153bccd0c8f1254bb696
-
Size
488KB
-
Sample
221207-nbh6gabc87
-
MD5
31849732db31402c9bad435cf3941af9
-
SHA1
b9520c2470d2a32dc5e78ba377fb924d871fb43f
-
SHA256
ccf8570f8cc95e0c5c12ed9625bf62b39ade884e4a89153bccd0c8f1254bb696
-
SHA512
a6001db3badf6fdc35a5b0f7b14793946aa00a5c1c1a3e3631b06e5b12bd957f4017b746c47cbca4803100a3de5eac872f3870907ff16a8f7da1b7be9a243ed4
-
SSDEEP
12288:LoVfwss338SEFjzWnt/nZPeG582RKL23JRpOcTEfFjrBIPS1xtuq:bEFjzWnt/nZP382RZXAVaPSP
Malware Config
Targets
-
-
Target
ccf8570f8cc95e0c5c12ed9625bf62b39ade884e4a89153bccd0c8f1254bb696
-
Size
488KB
-
MD5
31849732db31402c9bad435cf3941af9
-
SHA1
b9520c2470d2a32dc5e78ba377fb924d871fb43f
-
SHA256
ccf8570f8cc95e0c5c12ed9625bf62b39ade884e4a89153bccd0c8f1254bb696
-
SHA512
a6001db3badf6fdc35a5b0f7b14793946aa00a5c1c1a3e3631b06e5b12bd957f4017b746c47cbca4803100a3de5eac872f3870907ff16a8f7da1b7be9a243ed4
-
SSDEEP
12288:LoVfwss338SEFjzWnt/nZPeG582RKL23JRpOcTEfFjrBIPS1xtuq:bEFjzWnt/nZP382RZXAVaPSP
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
NirSoft WebBrowserPassView
Password recovery tool for various web browsers
-
Nirsoft
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-