General
-
Target
Halkbank,pdf.exe
-
Size
774KB
-
Sample
231012-h4k8msff65
-
MD5
9b2179379bb6e1db0736ff6f0d1802d7
-
SHA1
05224683315e5bd369459a0261627f04e2e49c31
-
SHA256
78dda119ddc3b77095009f357809e3451bb897e51053601b1088ae5c61949097
-
SHA512
430ad61a637fb5d315a94d753f73aabe3d25fa1cc25673fde71e88b730527c089c46b117d6dfaed84b760b0c6a6aa9729f17ec3b56e74338be0898a848388d09
-
SSDEEP
12288:NGDOji83jDZJ0CbJOOBgVIjPLPEZkckxpG1QcA3HxiffSogx8E9k8BJQ:wCF3j9GeJOVVIjTxlL3AffSoU8+k8o
Static task
static1
Behavioral task
behavioral1
Sample
Halkbank,pdf.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
Halkbank,pdf.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
Halkbank,pdf.exe
-
Size
774KB
-
MD5
9b2179379bb6e1db0736ff6f0d1802d7
-
SHA1
05224683315e5bd369459a0261627f04e2e49c31
-
SHA256
78dda119ddc3b77095009f357809e3451bb897e51053601b1088ae5c61949097
-
SHA512
430ad61a637fb5d315a94d753f73aabe3d25fa1cc25673fde71e88b730527c089c46b117d6dfaed84b760b0c6a6aa9729f17ec3b56e74338be0898a848388d09
-
SSDEEP
12288:NGDOji83jDZJ0CbJOOBgVIjPLPEZkckxpG1QcA3HxiffSogx8E9k8BJQ:wCF3j9GeJOVVIjTxlL3AffSoU8+k8o
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
NirSoft MailPassView
Password recovery tool for various email clients
-
Nirsoft
-
Accesses Microsoft Outlook accounts
-
Suspicious use of SetThreadContext
-