isrstealer | 9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

9a94961fa3...bb.exe

windows7-x64

9a94961fa3...bb.exe

windows10-2004-x64

Sharing

General

Target

9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb
Size

247KB
Sample

221201-kp9c2afd8z
MD5

77b0d01c5b228841bac4672a5834cc61
SHA1

aaf8ae8902469f7a987cb505b82d9ad465262c2e
SHA256

9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb
SHA512

562c8862d68bc8162027abe67e216c6e5ac0295cfc1d351cb6b4746fe32ceb4275160e7b67aee0f41423cd822efb405d3f7e6aea6c3be11a5a1913b52591b4b3
SSDEEP

3072:GjnS2QXDU+Jz6pL26HdX/ZMRfEZ+vzsjjV92sley4LTZT2DcZqy8BmV5RTvSUIEl:7TTA26Hd+s9leDTV2D9k5RT6Xq6a

Score

10^/10

isrstealer stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb.exe

Resource

win7-20220812-en

isrstealer stealer trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb.exe

Resource

win10v2004-20220901-en

isrstealer stealer trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb
- Size
  
  247KB
- MD5
  
  77b0d01c5b228841bac4672a5834cc61
- SHA1
  
  aaf8ae8902469f7a987cb505b82d9ad465262c2e
- SHA256
  
  9a94961fa38c917cd1ad01c5ebe8197b3f39758e4f9894368c0ef8d9f0ceebbb
- SHA512
  
  562c8862d68bc8162027abe67e216c6e5ac0295cfc1d351cb6b4746fe32ceb4275160e7b67aee0f41423cd822efb405d3f7e6aea6c3be11a5a1913b52591b4b3
- SSDEEP
  
  3072:GjnS2QXDU+Jz6pL26HdX/ZMRfEZ+vzsjjV92sley4LTZT2DcZqy8BmV5RTvSUIEl:7TTA26Hd+s9leDTV2D9k5RT6Xq6a
Score

10^/10

isrstealer stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

isrstealerstealertrojanupx

behavioral2

isrstealerstealertrojanupx

© 2018-2025

Terms | Privacy