Overview

overview

10

Static

static

10

41faef920f...73.exe

windows7_x64

9

41faef920f...73.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    41faef920f93d0b081b5d93b78e3b8a91117f042b259f5529fce923ca2051f73

  • Size

    260KB

  • Sample

    220308-xygqladgbn

  • MD5

    b56d082f9ef93cac84d1dbf8cb0636b3

  • SHA1

    7b4444d5cc44e3a8cf57df60edd50d1bb0059b76

  • SHA256

    41faef920f93d0b081b5d93b78e3b8a91117f042b259f5529fce923ca2051f73

  • SHA512

    e44986bacda19ff41d810790235931a6c28957ea255071d19237866117148e46d81307087c49042c5b5ba78527220c589f848f82b4346090b6b7d8aa752d3d66

Score
10/10
isrstealercollectionspywarestealersuricatatrojanupx

Malware Config

Targets

    • Target

      41faef920f93d0b081b5d93b78e3b8a91117f042b259f5529fce923ca2051f73

    • Size

      260KB

    • MD5

      b56d082f9ef93cac84d1dbf8cb0636b3

    • SHA1

      7b4444d5cc44e3a8cf57df60edd50d1bb0059b76

    • SHA256

      41faef920f93d0b081b5d93b78e3b8a91117f042b259f5529fce923ca2051f73

    • SHA512

      e44986bacda19ff41d810790235931a6c28957ea255071d19237866117148e46d81307087c49042c5b5ba78527220c589f848f82b4346090b6b7d8aa752d3d66

    Score
    10/10
    collectionspywarestealerupxisrstealersuricatatrojan

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • suricata: ET MALWARE ISRStealer Checkin

      suricata: ET MALWARE ISRStealer Checkin

      suricata

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks