Overview

overview

10

Static

static

3

723a1496ac...38.exe

windows7-x64

10

723a1496ac...38.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    723a1496ac20595d955bbc575f61ff38

  • Size

    400KB

  • Sample

    231226-qnvfdaafh5

  • MD5

    723a1496ac20595d955bbc575f61ff38

  • SHA1

    d59a78036ee7395f352ae2e40ed59d739d481704

  • SHA256

    45c658ef310219f5a5ab81c9ef0095b9cb076403531874c35296e0a975962193

  • SHA512

    d931c295ae0d4d9c564becb977b3ac8f2fd84275db99a32f79450d8b766c9c1f5fff7f50fe4293540a30a8f6c31d71eff5a8c9d311f7c56b1ce03dc2af454c34

  • SSDEEP

    6144:aoffjUCgjgXbZxx/XHTNmF1WWC04Wzva6X:aAIibZX4004UXX

Score
10/10
isrstealerspywarestealertrojan

Malware Config

Targets

    • Target

      723a1496ac20595d955bbc575f61ff38

    • Size

      400KB

    • MD5

      723a1496ac20595d955bbc575f61ff38

    • SHA1

      d59a78036ee7395f352ae2e40ed59d739d481704

    • SHA256

      45c658ef310219f5a5ab81c9ef0095b9cb076403531874c35296e0a975962193

    • SHA512

      d931c295ae0d4d9c564becb977b3ac8f2fd84275db99a32f79450d8b766c9c1f5fff7f50fe4293540a30a8f6c31d71eff5a8c9d311f7c56b1ce03dc2af454c34

    • SSDEEP

      6144:aoffjUCgjgXbZxx/XHTNmF1WWC04Wzva6X:aAIibZX4004UXX

    Score
    10/10
    isrstealerspywarestealertrojan

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks