General
Target: cb4a93864a19fc14c1e5221912f8e7f409b5b8d835f1b3acc3712b80e4a909f1
Size: 598KB
Sample: 240410-rg47nsdf8y
MD5: e0ca9d7fdf345af474332533ee50dfb6
SHA1: 303f5df8841a33886413435a61809d338a66639b
SHA256: cb4a93864a19fc14c1e5221912f8e7f409b5b8d835f1b3acc3712b80e4a909f1
SHA512: 93d04456ca2915ed7cbfe8058b4283198cd9851e73dd4d2e2271889be622c3aa498506cb7ceef63d0eb1243d9987373fe47f0f579e96c03a6a3e5f5321f9d616
SSDEEP: 12288:jN2vXjWMzp7E9Yy+PIPx2TQ1RABd89XBJm3QXNOZJxRYE601YlPmOU8L:jgrh7E6r5Q7AaJBo3QXerYfe0
Static task: static1
Behavioral task: behavioral1
Sample: cb4a93864a19fc14c1e5221912f8e7f409b5b8d835f1b3acc3712b80e4a909f1.exe
Resource: win7-20240221-en
Malware Config
Targets
-
OutSteel batch script
Detects batch script dropped by OutSteel
-
Deletes itself
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-