General
-
Target
a9a89bb76c6f06277b729bc2de5e1aaef05fc0d9675edbc0895c7591c35f17eb
-
Size
537KB
-
Sample
240410-qkva7sha76
-
MD5
7327a3dd34b3a6c218d00ef9cfa2ef1b
-
SHA1
2b12fae645fce9c944e6035f6e69bdc67103f28d
-
SHA256
a9a89bb76c6f06277b729bc2de5e1aaef05fc0d9675edbc0895c7591c35f17eb
-
SHA512
e82f5027bff214293df7c390eeab6396e7a5dcb965bf0c57e6343c6c897f4a2804e37847b1b9790c2d5eee8f0adf551b93afadb7f5ff73556a6c552dd1c604f1
-
SSDEEP
12288:fTfkeaLvOAyAEEuqlHJRzw+XE2uQXBirHdhqo+HSk:PaSAyAg4pK+LuQXBirHuoUl
Static task
static1
Behavioral task
behavioral1
Sample
a9a89bb76c6f06277b729bc2de5e1aaef05fc0d9675edbc0895c7591c35f17eb.exe
Resource
win7-20240221-en
Malware Config
Targets
-
OutSteel batch script
Detects batch script dropped by OutSteel
-
Deletes itself
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-