isrstealer | aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463 | Triage

Submit
Reports

Overview

overview

Static

static

aaa93cede0...63.exe

windows7-x64

aaa93cede0...63.exe

windows10-2004-x64

Sharing

General

Target

aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463
Size

501KB
Sample

221123-qpkybsee46
MD5

196d2f630152226123ee188acb62710e
SHA1

dce60babf7d706df07026ed986bbd1131447ecde
SHA256

aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463
SHA512

fe3faa07d7f0d5717cf58a304b0190dda5d2ece7aee6ba32d49b594355851c3462614ab29d3ad7fbb59daacc1f89e134d73ed9bb7c9fb33dea2da7b7618007e4
SSDEEP

12288:Z98a9fL0iOk9y8GcgNLQBtA5hRPYKPZnp1:T8UjXZ9y8GDQBgPYKR

Score

10^/10

isrstealer collection stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463.exe

Resource

win7-20220812-en

isrstealer collection stealer trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463.exe

Resource

win10v2004-20220812-en

isrstealer collection stealer trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463
- Size
  
  501KB
- MD5
  
  196d2f630152226123ee188acb62710e
- SHA1
  
  dce60babf7d706df07026ed986bbd1131447ecde
- SHA256
  
  aaa93cede01943c9f0e8d438c5a0d68bbc6f74d272430ff6e4db66bd45395463
- SHA512
  
  fe3faa07d7f0d5717cf58a304b0190dda5d2ece7aee6ba32d49b594355851c3462614ab29d3ad7fbb59daacc1f89e134d73ed9bb7c9fb33dea2da7b7618007e4
- SSDEEP
  
  12288:Z98a9fL0iOk9y8GcgNLQBtA5hRPYKPZnp1:T8UjXZ9y8GDQBgPYKR
Score

10^/10

isrstealer collection stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealercollectionstealertrojanupx

behavioral2

isrstealercollectionstealertrojanupx

© 2018-2024

Terms | Privacy