outsteel | 37be3d8810959e63d5b6535164e51f16ccea9ca11d7dab7c1dfaa335affe6e3d | Triage

Sharing

General

Target

37be3d8810959e63d5b6535164e51f16ccea9ca11d7dab7c1dfaa335affe6e3d
Size

878KB
Sample

240410-md6h4sfc5y
MD5

83cd7984cee0a4fde468216521d9d3fc
SHA1

e8fa43110dd36085d79199788d2ea5c57236136e
SHA256

37be3d8810959e63d5b6535164e51f16ccea9ca11d7dab7c1dfaa335affe6e3d
SHA512

5df4a3afeeb18f38900c224622b32c5f729f6678bb4f24a75b0994372360a68a3b838375d67c89d843c386091c595dfe6b42dcd7d763d8381811eade68101245
SSDEEP

24576:zAHnh+eWsN3skA4RV1Hom2KXRmLaFtL5:+h+ZkldoPKBgaFf

Score

10^/10

outsteel spyware stealer

Malware Config

Targets

- Target
  
  37be3d8810959e63d5b6535164e51f16ccea9ca11d7dab7c1dfaa335affe6e3d
- Size
  
  878KB
- MD5
  
  83cd7984cee0a4fde468216521d9d3fc
- SHA1
  
  e8fa43110dd36085d79199788d2ea5c57236136e
- SHA256
  
  37be3d8810959e63d5b6535164e51f16ccea9ca11d7dab7c1dfaa335affe6e3d
- SHA512
  
  5df4a3afeeb18f38900c224622b32c5f729f6678bb4f24a75b0994372360a68a3b838375d67c89d843c386091c595dfe6b42dcd7d763d8381811eade68101245
- SSDEEP
  
  24576:zAHnh+eWsN3skA4RV1Hom2KXRmLaFtL5:+h+ZkldoPKBgaFf
Score

10^/10

outsteel spyware stealer
- OutSteel
  OutSteel is a file uploader and document stealer written in AutoIT.
  stealer outsteel
- OutSteel batch script
  Detects batch script dropped by OutSteel
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

outsteelspywarestealer

behavioral2

outsteelspywarestealer