General

  • Target

    5e28a45b4d729a306027961c809f3d2327aa39d39c23792609d56d156b95013e

  • Size

    532KB

  • Sample

    221123-rhwlxsgf79

  • MD5

    56bb49942ccb534ced071950c45e94a6

  • SHA1

    9822aae531ab7a468095f1e08a36f06f8a69a9ed

  • SHA256

    5e28a45b4d729a306027961c809f3d2327aa39d39c23792609d56d156b95013e

  • SHA512

    12eea2ddaa45d7dc8fc95eb8291eae4cc18c9b9593d1f780dfc4811fb1659c33915b781a4d5aa50830c1aaea50bca5e7c8d441f9c8b4ab77a1a51debb53bf0e3

  • SSDEEP

    12288:F7R5yDA3Ivt2i1KKOIdu3EhbjMU/UebEA1pI68B:F7qDAYvJE1IdvsU/TR1px

Malware Config

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer, written in Visual Basic.

    • ISR Stealer payload

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the UPX open-source packer, including modified UPX variants.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks