Overview

overview

10

Static

static

TT Copy.exe

windows7-x64

10

TT Copy.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    af1e8e9d05d75659bdd347e398d103cef6418ea32fdc118ccd0b9901ed81d2fb

  • Size

    794KB

  • Sample

    221030-jmrjrshhf9

  • MD5

    cd15cede064cb204549ede449ca574f0

  • SHA1

    82f357dc58071148a4a73c61b462c9e275e29a0a

  • SHA256

    af1e8e9d05d75659bdd347e398d103cef6418ea32fdc118ccd0b9901ed81d2fb

  • SHA512

    b7f36898332bf0180ffccc07f594994655da3d227f6189204b554fa3e4e1805b512497a965748c5df734bb2af1af211ad7476dd9fca870b3af606e849e9bed8e

  • SSDEEP

    12288:vwZCpx8GQxpk/H2Fcl60YEuZdDJE4arABycIjtR96mYREI+lWfbUJNA51K/33Ehb:vwZBzgWF260aC4azckto73zJ44o9ty

Score
10/10
isrstealercollectionstealertrojanupx

Malware Config

Targets

    • Target

      TT Copy.exe

    • Size

      882KB

    • MD5

      b6de2482b98fce903d3692d9c0160ef2

    • SHA1

      53d6ffc6c70417c12c67108e68a068d01dc31065

    • SHA256

      2c34e7bd53c5880be9898396ead603f70536254c468584b500d8a2e8acf44393

    • SHA512

      03fbba2e5e174f105ef70e53824c2a18fc82c49ce7469929a6904be3b98fd151e1c9587a429bb5ba42e4abd50515bdaf7aeb1c495db79e50f8e42328770e44bc

    • SSDEEP

      12288:itdhEsXr70C7yHybdfMoclgKYEu9dbJE8arAVycIjtx9RwJ01WPbU7NI51u/33E0:+dh1797tR2gKU68alckZQ9z1Cwolt5

    Score
    10/10
    isrstealercollectionstealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks