isrstealer | 8a2b81c40804d817bed394f3d58f17933b79f8d7d8726e7fdca1a9e69a7aac9c | Triage

Sharing

General

Target

8a2b81c40804d817bed394f3d58f17933b79f8d7d8726e7fdca1a9e69a7aac9c
Size

68KB
Sample

221030-s3l4nahden
MD5

81d396f1cf696b2a0c76c6e2391178ef
SHA1

01e346045c3e2cdafd1253588b7187b78e380783
SHA256

8a2b81c40804d817bed394f3d58f17933b79f8d7d8726e7fdca1a9e69a7aac9c
SHA512

aed588a1fc1ed337e097508d9032517b7dbd00f2f3d13e4d5fe7ed02686f8b478276a792d13a1c21bbfb04f2c23a9a1a38da68270fb2a0ea3cad81f2c5f9d9e7
SSDEEP

1536:QskVrzq2umeWO2+FPx/JU0vsofRiqMmM:xciU0vrRieM

Score

10^/10

isrstealer spyware stealer

Malware Config

Targets

- Target
  
  8a2b81c40804d817bed394f3d58f17933b79f8d7d8726e7fdca1a9e69a7aac9c
- Size
  
  68KB
- MD5
  
  81d396f1cf696b2a0c76c6e2391178ef
- SHA1
  
  01e346045c3e2cdafd1253588b7187b78e380783
- SHA256
  
  8a2b81c40804d817bed394f3d58f17933b79f8d7d8726e7fdca1a9e69a7aac9c
- SHA512
  
  aed588a1fc1ed337e097508d9032517b7dbd00f2f3d13e4d5fe7ed02686f8b478276a792d13a1c21bbfb04f2c23a9a1a38da68270fb2a0ea3cad81f2c5f9d9e7
- SSDEEP
  
  1536:QskVrzq2umeWO2+FPx/JU0vsofRiqMmM:xciU0vrRieM
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2