isrstealer | 1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521 | Triage

Submit
Reports

Overview

overview

Static

static

8

1d4a28fc6d...21.exe

windows7-x64

1d4a28fc6d...21.exe

windows10-2004-x64

Sharing

General

Target

1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521
Size

744KB
Sample

221201-kp3kgsbf99
MD5

315e68bc527fb503eec6aa8e48c3169d
SHA1

daf000b5d8f439639725716c233d32c46c032e78
SHA256

1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521
SHA512

c36996e8783013700cf2c27b243b0ee11b17de3b9e446ef07f066ab1820516ae06329d9a5c0f932bf98467f74da5d3c467954075f4671e18ff2abb449d8cba3f
SSDEEP

12288:gnhOhR3rE1SlW+Ww/TvIlMxb6+MVzdMJNLF3N0j2tDlrYQD9Q5BI4ebCqS:gER7GSliw/7qMJ6YzF3N0SrrY3fYm

Score

10^/10

isrstealer spyware stealer trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521.exe

Resource

win7-20220812-en

isrstealer spyware stealer trojan upx

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521.exe

Resource

win10v2004-20220812-en

isrstealer spyware stealer trojan upx

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521
- Size
  
  744KB
- MD5
  
  315e68bc527fb503eec6aa8e48c3169d
- SHA1
  
  daf000b5d8f439639725716c233d32c46c032e78
- SHA256
  
  1d4a28fc6d8fb4c2e738648df5d377d796ab03852a8396b6e6c7cb5267222521
- SHA512
  
  c36996e8783013700cf2c27b243b0ee11b17de3b9e446ef07f066ab1820516ae06329d9a5c0f932bf98467f74da5d3c467954075f4671e18ff2abb449d8cba3f
- SSDEEP
  
  12288:gnhOhR3rE1SlW+Ww/TvIlMxb6+MVzdMJNLF3N0j2tDlrYQD9Q5BI4ebCqS:gER7GSliw/7qMJ6YzF3N0SrrY3fYm
Score

10^/10

isrstealer spyware stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealerspywarestealertrojanupx

behavioral2

isrstealerspywarestealertrojanupx

© 2018-2025

Terms | Privacy