General

  • Target

    5b0046918b10d573e80f3bf07ed237417b4dc37885567656297cd1104cdced29

  • Size

    208KB

  • Sample

    220307-jfzlssaeb5

  • MD5

    c6d411e17d986bc49150e8e4018f3be1

  • SHA1

    907c6c0e12ec4ee31dd0e132f92e3edd48bdf71b

  • SHA256

    5b0046918b10d573e80f3bf07ed237417b4dc37885567656297cd1104cdced29

  • SHA512

    a5294ebcfa5c830f596be5ba12fe94e92f28a04a4d2e872dd0da4ea4de1d8f629946ba84632339b829ee0d8a02a9775b894bc888a34917a79198e262edd7aadc

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Suspicious use of SetThreadContext