General
-
Target
c6c47d3d7e56213f0d0ced379c64e166ed5a86308ea96856163a4e0155b1fc6e
-
Size
1.1MB
-
Sample
240410-reet1aad65
-
MD5
29e47258c517f5f33349caacef044645
-
SHA1
42cfb37c1f47de8f1ef6f4dbd047c1a06922adc0
-
SHA256
c6c47d3d7e56213f0d0ced379c64e166ed5a86308ea96856163a4e0155b1fc6e
-
SHA512
edf41423deef4dfc38d634d89e9d39c65887f168deac577c075aa4cc92bc413c611ed3d5083398d35614b425fb5c0f6ecf1b624787e8f7f16bec4d70e17a6c9f
-
SSDEEP
12288:m/EKZq6eHNjHA3igt96CIBhwXYhCDcg1MXh6uLbhAvzLprAXpJicUOZL7SnJJMET:mAEKBWIhsccMXh64FCFaycjZL7SnU/q
Malware Config
Targets
-
-
Target
c6c47d3d7e56213f0d0ced379c64e166ed5a86308ea96856163a4e0155b1fc6e
-
Size
1.1MB
-
MD5
29e47258c517f5f33349caacef044645
-
SHA1
42cfb37c1f47de8f1ef6f4dbd047c1a06922adc0
-
SHA256
c6c47d3d7e56213f0d0ced379c64e166ed5a86308ea96856163a4e0155b1fc6e
-
SHA512
edf41423deef4dfc38d634d89e9d39c65887f168deac577c075aa4cc92bc413c611ed3d5083398d35614b425fb5c0f6ecf1b624787e8f7f16bec4d70e17a6c9f
-
SSDEEP
12288:m/EKZq6eHNjHA3igt96CIBhwXYhCDcg1MXh6uLbhAvzLprAXpJicUOZL7SnJJMET:mAEKBWIhsccMXh64FCFaycjZL7SnU/q
Score10/10-
OutSteel
OutSteel is a file uploader and document stealer written in AutoIT.
-
OutSteel batch script
Detects batch script dropped by OutSteel
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-