General
-
Target
9369c8e914653070131fe9699d18617f367c403eae6d739bdef7974d50c3e032
-
Size
648KB
-
Sample
221202-1tvnfacb81
-
MD5
612d3a263b05cdf932144c4b86a81588
-
SHA1
c4fabf889d321b89c0ccd15ae4089afe3f21a18d
-
SHA256
9369c8e914653070131fe9699d18617f367c403eae6d739bdef7974d50c3e032
-
SHA512
81aa5b3b919299bfc3410ce7ee9016c43583b0d7a8be50913757b7f48d6f671c4dd7d259a9c3173a3e41245f63c10b54f45e127407664d53475e9d2ac97be2d1
-
SSDEEP
6144:F76EZgP8mXJyt7q0hwf3bbf6NsV1ie7vdfY2zJlsJ9nuL5CAxTCCyzwZThI/2V:EE41J+qrzoup7BYyJlsJ9uEiA2V
Malware Config
Targets
-
-
Target
9369c8e914653070131fe9699d18617f367c403eae6d739bdef7974d50c3e032
-
Size
648KB
-
MD5
612d3a263b05cdf932144c4b86a81588
-
SHA1
c4fabf889d321b89c0ccd15ae4089afe3f21a18d
-
SHA256
9369c8e914653070131fe9699d18617f367c403eae6d739bdef7974d50c3e032
-
SHA512
81aa5b3b919299bfc3410ce7ee9016c43583b0d7a8be50913757b7f48d6f671c4dd7d259a9c3173a3e41245f63c10b54f45e127407664d53475e9d2ac97be2d1
-
SSDEEP
6144:F76EZgP8mXJyt7q0hwf3bbf6NsV1ie7vdfY2zJlsJ9nuL5CAxTCCyzwZThI/2V:EE41J+qrzoup7BYyJlsJ9uEiA2V
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Executes dropped EXE
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-