General

  • Target

    e9adf93ac9aae1f1506840e8d20401fb94e6a1f3dd968f326d62081a8ee629b3

  • Size

    340KB

  • Sample

    220307-3zp19ahde8

  • MD5

    c7de6e9b70b3fbd8e10613217409078a

  • SHA1

    6e858c32db2b5297e9bd109511de475c20026f2a

  • SHA256

    e9adf93ac9aae1f1506840e8d20401fb94e6a1f3dd968f326d62081a8ee629b3

  • SHA512

    04a613b490082e525b90a49430b1456d9f5a773003690df37c5c36a7d4c4b34c9459ec6f849ac90d1a559fdb3cef25d98d6414f00422ed5dfb19939ab41047bb

Malware Config

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer Payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified UPX variant.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Accesses Microsoft Outlook accounts

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks