General

  • Target

    123ead4a0cba2ca67d621f835011e12f

  • Size

    351KB

  • Sample

    231230-jdpc2sbggn

  • MD5

    123ead4a0cba2ca67d621f835011e12f

  • SHA1

    d28b7f8946faaebe82ce8cc36cce0df640a2c5b5

  • SHA256

    9514c96ca877e13960c07ba58f54091df835f1f5b4135c16f9dc4cd78928c85c

  • SHA512

    7c8413d165b74ba39c4272ca4dc851d8ceb837eaa251aaf41d66ab43fc7b8bd606a0da0469b533a14ff0b34c55fc87dc8c619c629bd18926ddd82660baae0299

  • SSDEEP

    6144:VpQz6Vc6iK52P9osBDxioZPo35ruomQ2m1XrP1Dnoez844Y2nm7zHQD1vxSN:V6QniK5SBEzsI3BrP1bHg4HNPwRvc

Malware Config

Targets

    • Target

      123ead4a0cba2ca67d621f835011e12f

    • Size

      351KB

    • MD5

      123ead4a0cba2ca67d621f835011e12f

    • SHA1

      d28b7f8946faaebe82ce8cc36cce0df640a2c5b5

    • SHA256

      9514c96ca877e13960c07ba58f54091df835f1f5b4135c16f9dc4cd78928c85c

    • SHA512

      7c8413d165b74ba39c4272ca4dc851d8ceb837eaa251aaf41d66ab43fc7b8bd606a0da0469b533a14ff0b34c55fc87dc8c619c629bd18926ddd82660baae0299

    • SSDEEP

      6144:VpQz6Vc6iK52P9osBDxioZPo35ruomQ2m1XrP1Dnoez844Y2nm7zHQD1vxSN:V6QniK5SBEzsI3BrP1bHg4HNPwRvc

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

    • ISR Stealer payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks