Overview

overview

10

Static

static

10448b62b8...ff.exe

windows7-x64

10

10448b62b8...ff.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10448b62b88d14b89c991cdf0a16df16b6b2093d150b17a525695c6586a867ff

  • Size

    260KB

  • Sample

    221012-t5ggmabgh2

  • MD5

    7afc6d24be8597a755b2c186042e1274

  • SHA1

    11486e29324e2c66f7f5881f4579fd94142b1bdc

  • SHA256

    10448b62b88d14b89c991cdf0a16df16b6b2093d150b17a525695c6586a867ff

  • SHA512

    2baac267f63317d29e1f769217676386977f02db164b82982f31362648ae5693032cacbe5d9bb665d4a7b2bb596266de5091a4130543a9f0df0d4f2675431ae3

  • SSDEEP

    6144:sQaebYyFI08UsCpCqVu4eqsIIJ3aKl06pZoZ4Tv2QxQWnaJptxAco:JcIg3a36vY4TeQxjnexAc

Score
10/10
isrstealerspywarestealertrojanupx

Malware Config

Targets

    • Target

      10448b62b88d14b89c991cdf0a16df16b6b2093d150b17a525695c6586a867ff

    • Size

      260KB

    • MD5

      7afc6d24be8597a755b2c186042e1274

    • SHA1

      11486e29324e2c66f7f5881f4579fd94142b1bdc

    • SHA256

      10448b62b88d14b89c991cdf0a16df16b6b2093d150b17a525695c6586a867ff

    • SHA512

      2baac267f63317d29e1f769217676386977f02db164b82982f31362648ae5693032cacbe5d9bb665d4a7b2bb596266de5091a4130543a9f0df0d4f2675431ae3

    • SSDEEP

      6144:sQaebYyFI08UsCpCqVu4eqsIIJ3aKl06pZoZ4Tv2QxQWnaJptxAco:JcIg3a36vY4TeQxjnexAc

    Score
    10/10
    isrstealerspywarestealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks