isrstealer | 3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2 | Triage

Submit
Reports

Overview

overview

Static

static

3bcf1073fb...f2.exe

windows7-x64

3bcf1073fb...f2.exe

windows10-2004-x64

Sharing

General

Target

3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2
Size

283KB
Sample

221029-g14p5sefem
MD5

c9b83f9a44345d390c0c9f00ab36879c
SHA1

3d973d3c02d7c35cc26c641404061daf8457f1b1
SHA256

3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2
SHA512

12cd819e85417915a23951de22cb5b03341fb718bbab6fede068c86748be3b9a9f14169df2a8fc91ad1e5d54919f92498b3b2191208febf4a1d7098dc6d17cad
SSDEEP

6144:ZakvLzSGh+s+7gAuC1NDsrfZ+24WwhuQ0o8rri4:Vv3SGhq7gAu0NIr94Kto8PJ

Score

10^/10

isrstealer collection spyware stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2.exe

Resource

win7-20220901-en

isrstealer collection spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2.exe

Resource

win10v2004-20220812-en

isrstealer stealer trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2
- Size
  
  283KB
- MD5
  
  c9b83f9a44345d390c0c9f00ab36879c
- SHA1
  
  3d973d3c02d7c35cc26c641404061daf8457f1b1
- SHA256
  
  3bcf1073fbe7b237ad7abd57d3cc919e7a79c456b4ca658d094a6a7c16d3edf2
- SHA512
  
  12cd819e85417915a23951de22cb5b03341fb718bbab6fede068c86748be3b9a9f14169df2a8fc91ad1e5d54919f92498b3b2191208febf4a1d7098dc6d17cad
- SSDEEP
  
  6144:ZakvLzSGh+s+7gAuC1NDsrfZ+24WwhuQ0o8rri4:Vv3SGhq7gAu0NIr94Kto8PJ
Score

10^/10

isrstealer collection spyware stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealercollectionspywarestealertrojanupx

behavioral2

isrstealerstealertrojan

© 2018-2025

Terms | Privacy