isrstealer | 9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b | Triage

Submit
Reports

Overview

overview

Static

static

9d0c76a6ec...4b.exe

windows7-x64

9d0c76a6ec...4b.exe

windows10-2004-x64

Sharing

General

Target

9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b
Size

530KB
Sample

221123-qthnrseg86
MD5

01471f3a8516c00d3bd1baf0c4a48cbd
SHA1

eb2a94e47fca72ef27f4ae5a58515dcdd6d14ca1
SHA256

9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b
SHA512

ade4181e278e3d7c4902d676c33386c7d780030533be7b5cbfcf8b08c4b16d46230991da2c9f04b0f76b9c1fb7b7771baa44891d8ac3cddb2e9b2d56bb32e055
SSDEEP

12288:dyVmzA08a9fL0iOk9y8GcgNLQBtA5hRPYKPZHiLjiJ:dy2A08UjXZ9y8GDQBgPYKRHAjO

Score

10^/10

isrstealer collection stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b.exe

Resource

win7-20220812-en

isrstealer collection stealer trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b.exe

Resource

win10v2004-20220812-en

isrstealer collection stealer trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b
- Size
  
  530KB
- MD5
  
  01471f3a8516c00d3bd1baf0c4a48cbd
- SHA1
  
  eb2a94e47fca72ef27f4ae5a58515dcdd6d14ca1
- SHA256
  
  9d0c76a6ec42599741717df347688ea82aa266ac4ba7ab510187dcc7c1b6af4b
- SHA512
  
  ade4181e278e3d7c4902d676c33386c7d780030533be7b5cbfcf8b08c4b16d46230991da2c9f04b0f76b9c1fb7b7771baa44891d8ac3cddb2e9b2d56bb32e055
- SSDEEP
  
  12288:dyVmzA08a9fL0iOk9y8GcgNLQBtA5hRPYKPZHiLjiJ:dy2A08UjXZ9y8GDQBgPYKRHAjO
Score

10^/10

isrstealer collection stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealercollectionstealertrojanupx

behavioral2

isrstealercollectionstealertrojanupx

© 2018-2024

Terms | Privacy