Overview

overview

10

Static

static

b7ebe81bae...13.exe

windows7-x64

10

b7ebe81bae...13.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7ebe81bae15e93f14e32432dc1f135f4ba62de4e37cd765ea698e5c789fa913

  • Size

    288KB

  • Sample

    221201-lgyf8sed84

  • MD5

    7e83a1c30ce7b96bb09d5467c52f9a9f

  • SHA1

    9be13b739e021499ffe2e9b0a27953d98efb07ea

  • SHA256

    b7ebe81bae15e93f14e32432dc1f135f4ba62de4e37cd765ea698e5c789fa913

  • SHA512

    9f591a305479b906bad1e578822770675c1d41b75a34a7e66b566541792904fa4eb0cd7aa3af4fa8073c910acf2077ae390a9a0a00bf9b0a91ca6e6079f10b9f

  • SSDEEP

    3072:7/yRdz/A331PSbKAYxKYQ9vfyqtDkaOt3OD6mikkDaUpfTDMBh8QZMc8YbMzilXp:WEn1S+wYQ9aicOfikk2sohb+ilZ

Score
10/10
isrstealerspywarestealertrojanupx

Malware Config

Targets

    • Target

      b7ebe81bae15e93f14e32432dc1f135f4ba62de4e37cd765ea698e5c789fa913

    • Size

      288KB

    • MD5

      7e83a1c30ce7b96bb09d5467c52f9a9f

    • SHA1

      9be13b739e021499ffe2e9b0a27953d98efb07ea

    • SHA256

      b7ebe81bae15e93f14e32432dc1f135f4ba62de4e37cd765ea698e5c789fa913

    • SHA512

      9f591a305479b906bad1e578822770675c1d41b75a34a7e66b566541792904fa4eb0cd7aa3af4fa8073c910acf2077ae390a9a0a00bf9b0a91ca6e6079f10b9f

    • SSDEEP

      3072:7/yRdz/A331PSbKAYxKYQ9vfyqtDkaOt3OD6mikkDaUpfTDMBh8QZMc8YbMzilXp:WEn1S+wYQ9aicOfikk2sohb+ilZ

    Score
    10/10
    isrstealerspywarestealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks