1cd12640cd035338923aac16f8cbbc1625c3cd58b9dbb38e524948554ecea48a

General
Target

1cd12640cd035338923aac16f8cbbc1625c3cd58b9dbb38e524948554ecea48a

Size

783KB

Sample

201110-kepef222mj

Score

10/10

MD5

fae8750fc4fbb827a87258ce330251a8

SHA1

1141f067de255d7442cfde1fc6991e20db57e4ba

SHA256

1cd12640cd035338923aac16f8cbbc1625c3cd58b9dbb38e524948554ecea48a

SHA512

251ecd8fda7a8cd4f5ca9c7714cbe4c5d9a12d329ae21e05757a8682b73abcc79b59d8f20105f3837eedd932c1b3473f6f58ef8fd1ae6ff3cb184692907192dc

Signatures

  • ISR Stealer

    Description

    ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

  • ISR Stealer Payload

  • NirSoft MailPassView

    Description

    Password recovery tool for various email clients

  • Nirsoft

  • UPX packed file

    Description

    Detects executables packed with UPX/modified UPX open source packer.

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System
    Credentials in Files

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

1/10