General
-
Target
2de955495a987336b32f27d3e84d8c1a
-
Size
205KB
-
Sample
231231-jl8fwsdbe3
-
MD5
2de955495a987336b32f27d3e84d8c1a
-
SHA1
7609b0324872ebdd2e74f485ca0bba8dfa30cff9
-
SHA256
a4c3779c665ff0b55ad100d952211b8a0d7d063764ad85811e239124535d6cc9
-
SHA512
8b717fd9da4d56f5a680b82822c8c063f7766d5f6d45fd90c0850852594e5ccb722c2528945a08497c672764919dacdcb666463f1bbd2f5075212c5393b3c59a
-
SSDEEP
3072:JM2kKQtv3vwsyclCPCRnglKDqvTQCfzRaPP8/eR:oJv/ws6PCBgkDSYF
Static task
static1
Behavioral task
behavioral1
Sample
2de955495a987336b32f27d3e84d8c1a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
2de955495a987336b32f27d3e84d8c1a.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
2de955495a987336b32f27d3e84d8c1a
-
Size
205KB
-
MD5
2de955495a987336b32f27d3e84d8c1a
-
SHA1
7609b0324872ebdd2e74f485ca0bba8dfa30cff9
-
SHA256
a4c3779c665ff0b55ad100d952211b8a0d7d063764ad85811e239124535d6cc9
-
SHA512
8b717fd9da4d56f5a680b82822c8c063f7766d5f6d45fd90c0850852594e5ccb722c2528945a08497c672764919dacdcb666463f1bbd2f5075212c5393b3c59a
-
SSDEEP
3072:JM2kKQtv3vwsyclCPCRnglKDqvTQCfzRaPP8/eR:oJv/ws6PCBgkDSYF
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-