General

  • Target

    61cbe473c2d0a7a24eb3be7041be0ad6a2112e769ef7172e86208e292c9b00f8

  • Size

    108KB

  • Sample

    221202-pwkqgaha49

  • MD5

    bba2a3ef1db6a31bfa098b39276f0823

  • SHA1

    1559bd74b80d78cc86d933b157e35d47c4e00abf

  • SHA256

    61cbe473c2d0a7a24eb3be7041be0ad6a2112e769ef7172e86208e292c9b00f8

  • SHA512

    b53d01fc4b831e2050ea67af317a04bdd6afc78af08c3d0ba796ec8c120124b154ec52bc13452cc54aa0aa3b656db074d1c3af4aa4ae38a70dcb30185840d81a

  • SSDEEP

    1536:O9rzltmquXDONz3HBexMQT+2umeWO2+FPx/lXYVAG8Zs7kfl/ig8OjK:OVzltmquXCmxMQeXYVQsel/iwjK
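Before detonating or reversing a sample, confirm that the file in hand is the one this report describes. The script below is an added example, not part of the sandbox report: it streams the file once through MD5, SHA-1, SHA-256 and SHA-512 and compares the digests with the values printed above. The expected values are copied from the report; the function names (hash_stream, compare_hashes, verify_file) are my own, and SSDEEP is left out because it needs a non-standard library.

```python
"""Verify that a file on disk matches the digests in the sandbox report.

Added example, not part of the report itself.  EXPECTED holds the values
printed in the report; everything else is assumed helper code.
"""
import hashlib
import io
import sys

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")

# Digests copied from the report's General section.
EXPECTED = {
    "md5": "bba2a3ef1db6a31bfa098b39276f0823",
    "sha1": "1559bd74b80d78cc86d933b157e35d47c4e00abf",
    "sha256": "61cbe473c2d0a7a24eb3be7041be0ad6a2112e769ef7172e86208e292c9b00f8",
    "sha512": (
        "b53d01fc4b831e2050ea67af317a04bdd6afc78af08c3d0ba796ec8c120124b1"
        "54ec52bc13452cc54aa0aa3b656db074d1c3af4aa4ae38a70dcb30185840d81a"
    ),
}


def hash_stream(stream, chunk_size=1 << 16):
    """Read `stream` once and return {algorithm: hexdigest, "size": bytes}.

    All four hashers are fed from the same chunk, so a large sample is
    read from disk a single time.
    """
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    size = 0
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        size += len(chunk)
        for h in hashers.values():
            h.update(chunk)
    result = {name: h.hexdigest() for name, h in hashers.items()}
    result["size"] = size
    return result


def hash_bytes(data):
    """Convenience wrapper for in-memory data (used by the self-test)."""
    return hash_stream(io.BytesIO(data))


def compare_hashes(observed, expected):
    """Return {algorithm: (observed, expected)} for every digest that disagrees.

    Hex is compared case-insensitively; reports and tools print it in
    either case.  A missing algorithm counts as a mismatch.
    """
    mismatches = {}
    for name, want in expected.items():
        got = observed.get(name)
        if got is None or got.lower() != want.lower():
            mismatches[name] = (got, want)
    return mismatches


def verify_file(path, expected=EXPECTED):
    """Hash `path` and return (observed digests, mismatches against `expected`)."""
    with open(path, "rb") as fh:
        observed = hash_stream(fh)
    return observed, compare_hashes(observed, expected)


if __name__ == "__main__":
    sample_path = sys.argv[1]
    observed, mismatches = verify_file(sample_path)
    print(f"{sample_path}: {observed['size']} bytes")
    if mismatches:
        for name, (got, want) in mismatches.items():
            print(f"  {name}: got {got}, report says {want}")
        sys.exit(1)
    print("  all digests match the report")
```

Run it as `python verify_sample.py <file>`; a non-zero exit means the file is not the reported sample, which is the usual sign of a repacked variant or a truncated download.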

Targets

    • Target

      61cbe473c2d0a7a24eb3be7041be0ad6a2112e769ef7172e86208e292c9b00f8

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers routinely target stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a thread, usually one in another process that was created suspended. Malware uses it to redirect that thread's execution to injected code, which is the final step of process hollowing and similar injection techniques.
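The two "Reads ..." signatures above both come down to one observation: a process other than the legitimate owner opening an application's credential store. The script below is an added example, not part of the sandbox report or of any sandbox's own rule set. It runs a small detection rule over a constructed file-access log (the process and path pairs are invented for illustration; the sample is called sample.exe) and flags reads of FileZilla configuration files and Chrome/Firefox profile files by anything other than the application that owns them. Rule names, path patterns and helper functions are my own.

```python
"""Flag processes that read FTP-client and browser credential stores.

Added example, not from the sandbox report.  The event log below is
constructed; the rule table encodes well-known on-disk locations of the
files these signatures refer to.
"""
import re
from collections import Counter, namedtuple

Event = namedtuple("Event", "process path")

# (label, regex over the normalised path, processes allowed to touch it)
RULES = [
    ("ftp_client_config",
     r"\\filezilla\\(sitemanager|recentservers|filezilla)\.xml$",
     {"filezilla.exe"}),
    ("browser_profile",
     r"\\google\\chrome\\user data\\[^\\]+\\(network\\)?(login data|cookies|web data)$",
     {"chrome.exe"}),
    ("browser_profile",
     r"\\mozilla\\firefox\\profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$",
     {"firefox.exe"}),
]
COMPILED = [(label, re.compile(pattern, re.IGNORECASE), owners)
            for label, pattern, owners in RULES]

# Constructed events standing in for a file-access trace of the sample.
SAMPLE_EVENTS = [
    Event("sample.exe", r"C:\Users\analyst\AppData\Roaming\FileZilla\sitemanager.xml"),
    Event("sample.exe", r"C:\Users\analyst\AppData\Roaming\FileZilla\recentservers.xml"),
    Event("sample.exe", r"C:\Users\analyst\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("sample.exe", r"C:\Users\analyst\AppData\Roaming\Mozilla\Firefox\Profiles\abcd1234.default-release\logins.json"),
    Event("chrome.exe", r"C:\Users\analyst\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    Event("filezilla.exe", r"C:\Users\analyst\AppData\Roaming\FileZilla\sitemanager.xml"),
    Event("sample.exe", r"C:\Windows\System32\kernel32.dll"),
]


def classify(event):
    """Return (label, is_owner) if the path is a watched file, else None."""
    path = event.path.replace("/", "\\")
    process = event.process.lower()
    for label, regex, owners in COMPILED:
        if regex.search(path):
            return label, process in owners
    return None


def detect(events):
    """Return the events that read a watched file from a non-owner process."""
    hits = []
    for event in events:
        verdict = classify(event)
        if verdict is None:
            continue
        label, is_owner = verdict
        if not is_owner:
            hits.append((event.process, label, event.path))
    return hits


def summarise(events):
    """Count hits per (process, label); this is what a signature would fire on."""
    counts = Counter((process, label) for process, label, _ in detect(events))
    summary = {}
    for (process, label), n in counts.items():
        summary.setdefault(process, {})[label] = n
    return summary


if __name__ == "__main__":
    for process, label, path in detect(SAMPLE_EVENTS):
        print(f"{process:14} {label:18} {path}")
    print(summarise(SAMPLE_EVENTS))
```

The owner allow-list is what keeps the rule quiet on a normal host: Chrome reading its own Login Data is expected, the sample doing so is not. In production the process identity should come from the signed image path, not the bare file name, since an unsigned binary named chrome.exe would otherwise pass.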
