General
-
Target
b0b4550ba09080e02c8a15cec8b5aeaa9fbb193cec1d92c793bdede78a70cec6
-
Size
588KB
-
Sample
240410-qs1g7ace6t
-
MD5
89aafef2f334d6349d3d850e7f68f10f
-
SHA1
97b4b5f19be70177dc5f867ed580478c9dc7e2b6
-
SHA256
b0b4550ba09080e02c8a15cec8b5aeaa9fbb193cec1d92c793bdede78a70cec6
-
SHA512
b44bcba8e659678938aa21bd1a9d74706e80564020dc1826d38e2aadde946a22180174e777406648601daad09a79a8621778d84c0a26480dd81348d5cc58320e
-
SSDEEP
12288:DpTALXjWMzp7E9Yy+PIPx2TQ1RABd89XBJm3QXNOZJxRYE601YljkWhM6A+:DpT2h7E6r5Q7AaJBo3QXerYfjT
Malware Config
Targets
-
-
Target
b0b4550ba09080e02c8a15cec8b5aeaa9fbb193cec1d92c793bdede78a70cec6
-
Size
588KB
-
MD5
89aafef2f334d6349d3d850e7f68f10f
-
SHA1
97b4b5f19be70177dc5f867ed580478c9dc7e2b6
-
SHA256
b0b4550ba09080e02c8a15cec8b5aeaa9fbb193cec1d92c793bdede78a70cec6
-
SHA512
b44bcba8e659678938aa21bd1a9d74706e80564020dc1826d38e2aadde946a22180174e777406648601daad09a79a8621778d84c0a26480dd81348d5cc58320e
-
SSDEEP
12288:DpTALXjWMzp7E9Yy+PIPx2TQ1RABd89XBJm3QXNOZJxRYE601YljkWhM6A+:DpT2h7E6r5Q7AaJBo3QXerYfjT
Score10/10-
OutSteel
OutSteel is a file uploader and document stealer written in AutoIT.
-
OutSteel batch script
Detects batch script dropped by OutSteel
-
Deletes itself
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-