General

  • Target

    2de955495a987336b32f27d3e84d8c1a

  • Size

    205KB

  • Sample

    231231-jl8fwsdbe3

  • MD5

    2de955495a987336b32f27d3e84d8c1a

  • SHA1

    7609b0324872ebdd2e74f485ca0bba8dfa30cff9

  • SHA256

    a4c3779c665ff0b55ad100d952211b8a0d7d063764ad85811e239124535d6cc9

  • SHA512

    8b717fd9da4d56f5a680b82822c8c063f7766d5f6d45fd90c0850852594e5ccb722c2528945a08497c672764919dacdcb666463f1bbd2f5075212c5393b3c59a

  • SSDEEP

    3072:JM2kKQtv3vwsyclCPCRnglKDqvTQCfzRaPP8/eR:oJv/ws6PCBgkDSYF

Malware Config

Targets

    • Target

      2de955495a987336b32f27d3e84d8c1a

    • Size

      205KB

    • MD5

      2de955495a987336b32f27d3e84d8c1a

    • SHA1

      7609b0324872ebdd2e74f485ca0bba8dfa30cff9

    • SHA256

      a4c3779c665ff0b55ad100d952211b8a0d7d063764ad85811e239124535d6cc9

    • SHA512

      8b717fd9da4d56f5a680b82822c8c063f7766d5f6d45fd90c0850852594e5ccb722c2528945a08497c672764919dacdcb666463f1bbd2f5075212c5393b3c59a

    • SSDEEP

      3072:JM2kKQtv3vwsyclCPCRnglKDqvTQCfzRaPP8/eR:oJv/ws6PCBgkDSYF

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

    • ISR Stealer payload

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks