isrstealer | 3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4 | Triage

Submit
Reports

Overview

overview

Static

static

3848e61897...b4.exe

windows7_x64

3848e61897...b4.exe

windows10-2004_x64

Sharing

General

Target

3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4
Size

762KB
Sample

220612-3qf2zsbhgq
MD5

1c4dbd755e7ba59d2a4ce457f09f755b
SHA1

80b81ba84a6a507c241f5a99e34153fab47d3f0b
SHA256

3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4
SHA512

55a509c9a3be54093b13409da0f7720932e5eb9fab3d6322bcdef0755584aff10224bc98b4ae3db68261900e9a56359416cc0cffde429c0d0cf09fdccd07c90d

Score

10^/10

isrstealer spyware stealer suricata trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4.exe

Resource

win7-20220414-en

isrstealer stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4.exe

Resource

win10v2004-20220414-en

isrstealer spyware stealer suricata trojan upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4
- Size
  
  762KB
- MD5
  
  1c4dbd755e7ba59d2a4ce457f09f755b
- SHA1
  
  80b81ba84a6a507c241f5a99e34153fab47d3f0b
- SHA256
  
  3848e61897e3fbc185353a109e0de82164d50a00e1c793290ad7cfd53a9807b4
- SHA512
  
  55a509c9a3be54093b13409da0f7720932e5eb9fab3d6322bcdef0755584aff10224bc98b4ae3db68261900e9a56359416cc0cffde429c0d0cf09fdccd07c90d
Score

10^/10

isrstealer stealer trojan spyware suricata upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer Payload
- suricata: ET MALWARE ISRStealer Checkin
  suricata: ET MALWARE ISRStealer Checkin
  suricata
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealerstealertrojan

behavioral2

isrstealerspywarestealersuricatatrojanupx

© 2018-2025

Terms | Privacy