General

  • Target

    b73b8583d9025b56793b1bc3128ad07abcdccfcc6f8084aff9dec84bd30b0eb6

  • Size

    92KB

  • Sample

    221201-xme3madg6y

  • MD5

    32d0b612ac8f4f9f7a4e9a431fbae676

  • SHA1

    f90925f4acef4ba82b978abaae0ded81f3831cee

  • SHA256

    b73b8583d9025b56793b1bc3128ad07abcdccfcc6f8084aff9dec84bd30b0eb6

  • SHA512

    e8227e6dde000a5c1c2a580956df7478f48cea3949e0b88fd0e4952ab97cccc38a71f72c2b41566ec77193096ec9c0350d77c722d1b01ded0456efefaa38f7d7

  • SSDEEP

    1536:8ml2Qr2U692jh5XBpxWJzq3YnoHA7uL3oFlY75Lslh:8mlqGhnWV8CjuTEY7hyh

Malware Config

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks