isrstealer | 2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144 | Triage

Submit
Reports

Overview

overview

Static

static

5

2099396b29...44.exe

windows7-x64

2099396b29...44.exe

windows10-2004-x64

Sharing

General

Target

2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144
Size

1.2MB
Sample

221123-lwvnwsfh3v
MD5

0861b8194173e70253c81514cb128479
SHA1

9b71ded7d30aa9247a255e09e8b618a902736a16
SHA256

2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144
SHA512

7996a7c0066729628e9a16c8c63b41f341bf941f5cb2be7511d364ca13386a54ae1230edbe6d4e738c3938d0f8bc2d09239960fa5f941693b9ccbb7906092ffd
SSDEEP

24576:uRmJkcoQricOIQxiZY1iaCtPmEJeY5dSMys5+dVbsjHIAcXO01ZoS96QIdntiYyE:7JZoQrbTFZY1iaC55HdS1s5+W

Score

10^/10

isrstealer spyware stealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144.exe

Resource

win7-20220812-en

isrstealer spyware stealer trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144.exe

Resource

win10v2004-20220812-en

isrstealer spyware stealer trojan upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144
- Size
  
  1.2MB
- MD5
  
  0861b8194173e70253c81514cb128479
- SHA1
  
  9b71ded7d30aa9247a255e09e8b618a902736a16
- SHA256
  
  2099396b29275eb0815d92fba16b9de125d81cdd29e0c7602c743f1b0127d144
- SHA512
  
  7996a7c0066729628e9a16c8c63b41f341bf941f5cb2be7511d364ca13386a54ae1230edbe6d4e738c3938d0f8bc2d09239960fa5f941693b9ccbb7906092ffd
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCtPmEJeY5dSMys5+dVbsjHIAcXO01ZoS96QIdntiYyE:7JZoQrbTFZY1iaC55HdS1s5+W
Score

10^/10

isrstealer spyware stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

isrstealerspywarestealertrojanupx

behavioral2

isrstealerspywarestealertrojanupx

© 2018-2024

Terms | Privacy