isrstealer | 788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

788955fd12...b4.exe

windows7-x64

7

788955fd12...b4.exe

windows10-2004-x64

7

Sharing

General

Target

788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4
Size

332KB
Sample

221129-xwt8xage52
MD5

ddf2d9be5ba7db3de27dfc92eb978580
SHA1

01d4f3e43aaf3c31565111bd40f85bb9d49f8841
SHA256

788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4
SHA512

ae6739f99ca1d403ecf7322f88c2db08cb7333c1ae3a3227615b8e3d89708105a660242db1875d0b19d6ae67bd9da1cd11ea1f188ee2928c8b317e48beafac26
SSDEEP

6144:iH8vnCm4/QrVeoichIaoL2Xh4f3uFf7P2QButMGQJ:kjQrdiSNoLshUuFj+UcQJ

Score

10^/10

isrstealer spyware stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4.exe

Resource

win7-20220812-en

spyware stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4.exe

Resource

win10v2004-20220812-en

spyware stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4
- Size
  
  332KB
- MD5
  
  ddf2d9be5ba7db3de27dfc92eb978580
- SHA1
  
  01d4f3e43aaf3c31565111bd40f85bb9d49f8841
- SHA256
  
  788955fd1239eeda6405885c58f0a00edbcb9f3bd21d57f13e88712b82b8d9b4
- SHA512
  
  ae6739f99ca1d403ecf7322f88c2db08cb7333c1ae3a3227615b8e3d89708105a660242db1875d0b19d6ae67bd9da1cd11ea1f188ee2928c8b317e48beafac26
- SSDEEP
  
  6144:iH8vnCm4/QrVeoichIaoL2Xh4f3uFf7P2QButMGQJ:kjQrdiSNoLshUuFj+UcQJ
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy