isrstealer | b5d32c93e9a815f775489aa2b0ab1f86d45821df344916237746557062d7e8fb | Triage

Submit
Reports

Overview

overview

Static

static

3

c1cfb778cb...38.exe

windows7-x64

c1cfb778cb...38.exe

windows10-2004-x64

Sharing

General

Target

c1cfb778cbfe135b6fb0d2b6b9116b38
Size

156KB
Sample

240311-2tvtwaah25
MD5

c1cfb778cbfe135b6fb0d2b6b9116b38
SHA1

f90af1a915f603a6acc40c18a5d9e8e6eef8d015
SHA256

b5d32c93e9a815f775489aa2b0ab1f86d45821df344916237746557062d7e8fb
SHA512

8ca72c995233c5c14eb9d1b6d6b1b70f72f03acbfb578743b0da8bce03b36d0d2d7e005feefb2fffd55f803e41f9e17b5be8ccc5a333a34d426545fbb6443b0a
SSDEEP

3072:+rHi7npAaojNu3LTEj+XaUC3lgosmm8O3J7We5FaOVdD4uhepQ:38jCLT0Rr3+onm/39PRHMuhep

Score

10^/10

isrstealer spyware stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c1cfb778cbfe135b6fb0d2b6b9116b38.exe

Resource

win7-20240221-en

isrstealer spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c1cfb778cbfe135b6fb0d2b6b9116b38.exe

Resource

win10v2004-20240226-en

isrstealer spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  c1cfb778cbfe135b6fb0d2b6b9116b38
- Size
  
  156KB
- MD5
  
  c1cfb778cbfe135b6fb0d2b6b9116b38
- SHA1
  
  f90af1a915f603a6acc40c18a5d9e8e6eef8d015
- SHA256
  
  b5d32c93e9a815f775489aa2b0ab1f86d45821df344916237746557062d7e8fb
- SHA512
  
  8ca72c995233c5c14eb9d1b6d6b1b70f72f03acbfb578743b0da8bce03b36d0d2d7e005feefb2fffd55f803e41f9e17b5be8ccc5a333a34d426545fbb6443b0a
- SSDEEP
  
  3072:+rHi7npAaojNu3LTEj+XaUC3lgosmm8O3J7We5FaOVdD4uhepQ:38jCLT0Rr3+onm/39PRHMuhep
Score

10^/10

isrstealer spyware stealer trojan
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

isrstealerspywarestealertrojan

behavioral2

isrstealerspywarestealertrojan

© 2018-2024

Terms | Privacy