isrstealer | 92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f | Triage

Submit
Reports

Overview

overview

Static

static

7

92810bfa22...0f.exe

windows7-x64

92810bfa22...0f.exe

windows10-2004-x64

Sharing

General

Target

92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f
Size

1012KB
Sample

221128-v7wvrsch36
MD5

98d0000c28ed30d94374762113976b75
SHA1

60ceb509382e6309855d32cfcc99b34d782bd083
SHA256

92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f
SHA512

c1f3586a7b79c74de0b3ea7eb6d13c925d98655491ce043a9db56feef80c9b40e29f86b9e8d3e94328fc6c51722dc91e4e93b37beb15be97a4bbe8842f7ff1fa
SSDEEP

24576:2vzgO5yKsUaSuErRWNoEb0RkxFdtBNN57:zO5jGErsNrcc75

Score

10^/10

isrstealer agilenet collection stealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f.exe

Resource

win7-20221111-en

isrstealer collection stealer trojan upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f.exe

Resource

win10v2004-20220812-en

isrstealer collection stealer trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f
- Size
  
  1012KB
- MD5
  
  98d0000c28ed30d94374762113976b75
- SHA1
  
  60ceb509382e6309855d32cfcc99b34d782bd083
- SHA256
  
  92810bfa22f1d71451860ab5ca81931a9e77218e89020e207438e19aa387840f
- SHA512
  
  c1f3586a7b79c74de0b3ea7eb6d13c925d98655491ce043a9db56feef80c9b40e29f86b9e8d3e94328fc6c51722dc91e4e93b37beb15be97a4bbe8842f7ff1fa
- SSDEEP
  
  24576:2vzgO5yKsUaSuErRWNoEb0RkxFdtBNN57:zO5jGErsNrcc75
Score

10^/10

isrstealer collection stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- NirSoft MailPassView
  Password recovery tool for various email clients
- Nirsoft
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook accounts
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealercollectionstealertrojanupx

behavioral2

isrstealercollectionstealertrojanupx

© 2018-2025

Terms | Privacy