isrstealer | 093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f | Triage

Submit
Reports

Overview

overview

Static

static

093e7b2d19...4f.exe

windows7-x64

093e7b2d19...4f.exe

windows10-2004-x64

Sharing

General

Target

093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f
Size

485KB
Sample

221020-1zw4fsgean
MD5

e7bb4b978b5d6073c29d6b05a4e6f0d4
SHA1

fde1e9d4b5272e80cac626bc2f45b970a2302e2d
SHA256

093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f
SHA512

9f827cc3bfa6324db8b094a41cdc36af71a185df341498940f274ccdd72d432cfd40fd418396d5dc5f63e48e851cf6faf7fdd9c53e06a15947f81375757402bc
SSDEEP

6144:8P0T7oKuHVet3JA6CmbKw6F/zUCPCIcwyHH+5/gdVv1W+:8cfo9Vu3JYmCZjPyU/gFJ

Score

10^/10

isrstealer persistence spyware stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f.exe

Resource

win7-20220812-en

isrstealer persistence spyware stealer trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f.exe

Resource

win10v2004-20220812-en

isrstealer persistence spyware stealer trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f
- Size
  
  485KB
- MD5
  
  e7bb4b978b5d6073c29d6b05a4e6f0d4
- SHA1
  
  fde1e9d4b5272e80cac626bc2f45b970a2302e2d
- SHA256
  
  093e7b2d19181f9194b40847aeab16b86ac159ddce7d553b607febc63400724f
- SHA512
  
  9f827cc3bfa6324db8b094a41cdc36af71a185df341498940f274ccdd72d432cfd40fd418396d5dc5f63e48e851cf6faf7fdd9c53e06a15947f81375757402bc
- SSDEEP
  
  6144:8P0T7oKuHVet3JA6CmbKw6F/zUCPCIcwyHH+5/gdVv1W+:8cfo9Vu3JYmCZjPyU/gFJ
Score

10^/10

isrstealer persistence spyware stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealerpersistencespywarestealertrojanupx

behavioral2

isrstealerpersistencespywarestealertrojanupx

© 2018-2025

Terms | Privacy