General
-
Target
9491240fbdff36285ab31adbabb5de6aeb18cb6989474149c9b571ba84289016
-
Size
1.2MB
-
Sample
221003-s4cllsdbf2
-
MD5
675b2173674cd94a84a4eb20d2eafe6c
-
SHA1
c6ce45ac376cff4d5cc48a561850245a4be138a5
-
SHA256
9491240fbdff36285ab31adbabb5de6aeb18cb6989474149c9b571ba84289016
-
SHA512
367a684b00bd8b2e4f5c915e4eae12efed44681afb369c5fe3eb555fbb9c59243afd1e29d8112428937025c9061fadb86b8e1e17e34ea9dc98c10c7b82351893
-
SSDEEP
24576:17uhAWsJKisl8xvymr9ZgKDrxyTkNr3OMJz33to2yERUr4aA:puW9bRxvfr9ZzxyC/JD3tPGs
Malware Config
Targets
-
-
Target
9491240fbdff36285ab31adbabb5de6aeb18cb6989474149c9b571ba84289016
-
Size
1.2MB
-
MD5
675b2173674cd94a84a4eb20d2eafe6c
-
SHA1
c6ce45ac376cff4d5cc48a561850245a4be138a5
-
SHA256
9491240fbdff36285ab31adbabb5de6aeb18cb6989474149c9b571ba84289016
-
SHA512
367a684b00bd8b2e4f5c915e4eae12efed44681afb369c5fe3eb555fbb9c59243afd1e29d8112428937025c9061fadb86b8e1e17e34ea9dc98c10c7b82351893
-
SSDEEP
24576:17uhAWsJKisl8xvymr9ZgKDrxyTkNr3OMJz33to2yERUr4aA:puW9bRxvfr9ZzxyC/JD3tPGs
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Suspicious use of SetThreadContext
-