Overview

overview

10

Static

static

3ad42d527e...20.exe

windows7-x64

10

3ad42d527e...20.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ad42d527ed36160a80d57c9619b3b0f55fd20cc23c08637f732846cd8aa0c20

  • Size

    405KB

  • Sample

    221128-txxhwace9v

  • MD5

    b76b66e61a86b4708d164f16a587b7eb

  • SHA1

    002d8fc45341c61238d00136059aa64eaef44d22

  • SHA256

    3ad42d527ed36160a80d57c9619b3b0f55fd20cc23c08637f732846cd8aa0c20

  • SHA512

    bc47f19345908ad06679e4bf729eb623b15173079a0f828f62de2be1c5ae6ab21cde0633baf93db237e6e91085e508f29c3acddd7fbfc2fe7b8d333adccfc9ff

  • SSDEEP

    6144:2UwHuNnp2M8TJCJkI/Y8PJw1nQ5orsV7qsmgFB/pAeEURLHcc04TU:rt2M8Tln3wYsmgFh8UFK1

Score
10/10
isrstealercollectionstealertrojanupx

Malware Config

Targets

    • Target

      3ad42d527ed36160a80d57c9619b3b0f55fd20cc23c08637f732846cd8aa0c20

    • Size

      405KB

    • MD5

      b76b66e61a86b4708d164f16a587b7eb

    • SHA1

      002d8fc45341c61238d00136059aa64eaef44d22

    • SHA256

      3ad42d527ed36160a80d57c9619b3b0f55fd20cc23c08637f732846cd8aa0c20

    • SHA512

      bc47f19345908ad06679e4bf729eb623b15173079a0f828f62de2be1c5ae6ab21cde0633baf93db237e6e91085e508f29c3acddd7fbfc2fe7b8d333adccfc9ff

    • SSDEEP

      6144:2UwHuNnp2M8TJCJkI/Y8PJw1nQ5orsV7qsmgFB/pAeEURLHcc04TU:rt2M8Tln3wYsmgFh8UFK1

    Score
    10/10
    isrstealercollectionstealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks