General

  • Target

    33f3c90640f81afc2210d3936ed94545817a1c5d87fb55e03d485bb760882803

  • Size

    1010KB

  • Sample

    221128-wj3h3shh6t

  • MD5

    5a0ea1ccb0cddd973b3a35e70f7a5b17

  • SHA1

    6cbfef80043a991b73f62747450085ec30cd267f

  • SHA256

    33f3c90640f81afc2210d3936ed94545817a1c5d87fb55e03d485bb760882803

  • SHA512

    f2c4c1904685ef7b10d0996ff3a3b1efacfe16fe7ac2e0a960fbb69041b57358ec19c9d01fcd6f6537b06e77a218e948bb023598f91939bb8ffbce6520a29e65

  • SSDEEP

    24576:Y9ctReZNtnbkiWk9d8PSqiHa1YfMQvV7PnZY2n+c:1EZTYHkPkSfH4yMSRY2

Malware Config

Targets

    • Target

      33f3c90640f81afc2210d3936ed94545817a1c5d87fb55e03d485bb760882803

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Uses the VBS compiler for execution

    • Accesses Microsoft Outlook accounts

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks