This particular sample is obfuscated using Smart Assembly and packed inside a .NET based RunPE, after unpacking we can read the code of the malware.
This malware upload the information it steal from the victim through Email and\or FTP. The username and the password of the Email address and the FTP accounts stored in the file itself in an encrypted form.
This particular sample is using FTP (ftp.malaysiamalaysia.hints.me) in order to upload the stolen data to the attacker server.
It seems though that not many people got infected:
|FTP server logs|
The analyzed sample MD5 hash is: 98b8d26c35f13d7265aa1a4689f97e09 (VirusTotal 23/57), interestingly my unpacked version has less detection score on VirusTotal with 17/57 (but we get the name of the malware).
You can download the original packed and the unpacked version from here (password: infected).