General

  • Target

    69d5a05aa7e0bb1eedf53fc77a9d5b421aada2169439652a9d2f0b6c867739d2

  • Size

    1.1MB

  • Sample

    221127-kr8vaahc3t

  • MD5

    8eeed29b5c1d246aa64fb3f1ec8b0210

  • SHA1

    7b0af1802825353100db029eb48dd186d550a7f3

  • SHA256

    69d5a05aa7e0bb1eedf53fc77a9d5b421aada2169439652a9d2f0b6c867739d2

  • SHA512

    4c1b677db9afa3bac77e312078c88a67e46b01fb0257ff1caa44dd930011d9a775d14cab40fcc5529f17efa7be61388798047baf5f8cccc59a008520ec610b76

  • SSDEEP

    12288:/aWzgMg7v3qnCiMErQohh0F4CCJ8lny/Qo6oIRrCtOnrZsWz3OWvOnbxRi4mydaQ:iaHMv6Corjqny/Qo6D1C0SQOb/JP

Malware Config

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile information.

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks