General

  • Target

    8b04442da25cfa5698f2ceddb2137c1306d84880a04fa2a2d662090fe23e3e81

  • Size

    915KB

  • Sample

    221203-g2fdyabe65

  • MD5

    d5517bed2e8eebb29ed1ac0df1fc0f27

  • SHA1

    a216d852812987b7026148f5cb3df3ebf0d64c80

  • SHA256

    8b04442da25cfa5698f2ceddb2137c1306d84880a04fa2a2d662090fe23e3e81

  • SHA512

    6d39794b8e400701593ec720ab8b6d211804f9a80634a4c68d301fb114054b40c87def9a915c76a226635238c094f0faab402437a7c738cf744e31900580a1c1

  • SSDEEP

    12288:J6Wq4aaE6KwyF5L0Y2D1PqLCL0AyP01MzKoKqEJlOAH3BxvvQTgaA:fthEVaPqLCLqEMuoKqWlOAXzxaA

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext
