Overview

overview

10

Static

static

a981188572...ba.exe

windows7-x64

10

a981188572...ba.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a981188572a0f5a116004f0b5caf0779838ea7cd8227dfa59270398fe4f8caba

  • Size

    200KB

  • Sample

    221028-w47njaacf7

  • MD5

    0fa52149863225a2360be8328c1875f6

  • SHA1

    395fa1cf332cc0b2972bc18c773f2f91b3f23eb1

  • SHA256

    a981188572a0f5a116004f0b5caf0779838ea7cd8227dfa59270398fe4f8caba

  • SHA512

    d70fc1708282877f45186a3871e1bdc273e45f68abc2a2c0b57872698696d9d3679b14d826178eeabe04904670ccb7064c383b0d4b4ae8578e62a88c06646b66

  • SSDEEP

    3072:SayQoyeIKDWx85IOlKeJVos/8eRwXiUUAdV95I4Rp+LH1xrl3Ez8ub8Xr7Eo:Sa8dIKCC0ef//uXltKc+LVsz9b8

Score
10/10
isrstealerspywarestealertrojanupx

Malware Config

Targets

    • Target

      a981188572a0f5a116004f0b5caf0779838ea7cd8227dfa59270398fe4f8caba

    • Size

      200KB

    • MD5

      0fa52149863225a2360be8328c1875f6

    • SHA1

      395fa1cf332cc0b2972bc18c773f2f91b3f23eb1

    • SHA256

      a981188572a0f5a116004f0b5caf0779838ea7cd8227dfa59270398fe4f8caba

    • SHA512

      d70fc1708282877f45186a3871e1bdc273e45f68abc2a2c0b57872698696d9d3679b14d826178eeabe04904670ccb7064c383b0d4b4ae8578e62a88c06646b66

    • SSDEEP

      3072:SayQoyeIKDWx85IOlKeJVos/8eRwXiUUAdV95I4Rp+LH1xrl3Ez8ub8Xr7Eo:Sa8dIKCC0ef//uXltKc+LVsz9b8

    Score
    10/10
    isrstealerspywarestealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks