Overview

overview

10

Static

static

TT Copy.exe

windows7-x64

10

TT Copy.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b17c4ca2e447b7cdf7f3ef7781427a811974a344e9e31489eef5e7ab8370c31b

  • Size

    813KB

  • Sample

    221030-jmsrtsbacl

  • MD5

    43ed779e9defc5427ba19b3facb35a10

  • SHA1

    257ef2d2d512c0a027a23e1c88f4b116d892b7db

  • SHA256

    b17c4ca2e447b7cdf7f3ef7781427a811974a344e9e31489eef5e7ab8370c31b

  • SHA512

    93150d19935015307ff48add907db5f3fc81f533de7fb070bc2bdcc410aa897536a05f788c92c6edac791cb5b09276c4759f3ddd806a6186c5436958491c8117

  • SSDEEP

    12288:lwZCpx8GQxpk/H2Fcl60YEuZdDJE4arABycIjtR96mYREI+lWfbUJNA51K/33Eh3:lwZBzgWF260aC4azckto73zJ44o9t

Score
10/10
isrstealercollectionstealertrojanupx

Malware Config

Targets

    • Target

      TT Copy.exe

    • Size

      882KB

    • MD5

      b6de2482b98fce903d3692d9c0160ef2

    • SHA1

      53d6ffc6c70417c12c67108e68a068d01dc31065

    • SHA256

      2c34e7bd53c5880be9898396ead603f70536254c468584b500d8a2e8acf44393

    • SHA512

      03fbba2e5e174f105ef70e53824c2a18fc82c49ce7469929a6904be3b98fd151e1c9587a429bb5ba42e4abd50515bdaf7aeb1c495db79e50f8e42328770e44bc

    • SSDEEP

      12288:itdhEsXr70C7yHybdfMoclgKYEu9dbJE8arAVycIjtx9RwJ01WPbU7NI51u/33E0:+dh1797tR2gKU68alckZQ9z1Cwolt5

    Score
    10/10
    isrstealercollectionstealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks