isrstealer | 728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7 | Triage

Submit
Reports

Overview

overview

Static

static

728fbab7cf...e7.exe

windows7-x64

728fbab7cf...e7.exe

windows10-2004-x64

Sharing

General

Target

728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7
Size

532KB
Sample

221122-w95fcsdb29
MD5

11a5e59937d2b9a97d4c1e78d4a5d506
SHA1

b2e3c3099cf8503d476576919d001ac433f844d7
SHA256

728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7
SHA512

c8fc204a06926a0482538b685984c75dbfcd998a61a8ac10b7e215e2e46834ceb8555cc6b5672bcc683164192b849ab0085fde95b1625846fa16c3d79302aae9
SSDEEP

12288:MZpT8RlSWLIRec4tbizP9Ef49idGUrSPRxv1/F:mpT8RlSWLIRec4tbizVEf40rSXv1/F

Score

10^/10

isrstealer collection spyware stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7.exe

Resource

win7-20221111-en

isrstealer collection spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7.exe

Resource

win10v2004-20221111-en

isrstealer collection spyware stealer trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7
- Size
  
  532KB
- MD5
  
  11a5e59937d2b9a97d4c1e78d4a5d506
- SHA1
  
  b2e3c3099cf8503d476576919d001ac433f844d7
- SHA256
  
  728fbab7cf1a650c392461b9bd9b9bace728c5b11e06c67c9436fdbd059c4fe7
- SHA512
  
  c8fc204a06926a0482538b685984c75dbfcd998a61a8ac10b7e215e2e46834ceb8555cc6b5672bcc683164192b849ab0085fde95b1625846fa16c3d79302aae9
- SSDEEP
  
  12288:MZpT8RlSWLIRec4tbizP9Ef49idGUrSPRxv1/F:mpT8RlSWLIRec4tbizVEf40rSXv1/F
Score

10^/10

isrstealer collection spyware stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealercollectionspywarestealertrojanupx

behavioral2

isrstealercollectionspywarestealertrojanupx

© 2018-2025

Terms | Privacy