isrstealer | 70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92 | Triage

Submit
Reports

Overview

overview

Static

static

70f9b8047d...92.exe

windows7_x64

9

70f9b8047d...92.exe

windows10-2004_x64

9

Sharing

General

Target

70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92
Size

268KB
Sample

220308-s9mc1abefq
MD5

f37d002c6467287d4b885bcafd6c92a0
SHA1

8a55c3407dc0c8fb9265ac9da09cf626edf9dd06
SHA256

70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92
SHA512

321ccd1cf002d8d9bc92198a2edb1b8fe3a7680e0ccdde357387f5241d0b4e7d6d26572476e9e9c7131e750793338734931633708434e3b951dac4f5ab9eb530

Score

10^/10

isrstealer collection spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92.exe

Resource

win7-20220223-en

collection spyware stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92.exe

Resource

win10v2004-en-20220113

collection spyware stealer upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92
- Size
  
  268KB
- MD5
  
  f37d002c6467287d4b885bcafd6c92a0
- SHA1
  
  8a55c3407dc0c8fb9265ac9da09cf626edf9dd06
- SHA256
  
  70f9b8047dc6aa80015da0fc8523f48d578a878485ddd1e24344a634ed47bc92
- SHA512
  
  321ccd1cf002d8d9bc92198a2edb1b8fe3a7680e0ccdde357387f5241d0b4e7d6d26572476e9e9c7131e750793338734931633708434e3b951dac4f5ab9eb530
Score

9^/10

collection spyware stealer upx
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectionspywarestealerupx

behavioral2

collectionspywarestealerupx

© 2018-2025

Terms | Privacy