General

  • Target

    02d2d449d6ebc99c02351ca0f786338d_JaffaCakes118

  • Size

    652KB

  • Sample

    240622-thq3jstcna

  • MD5

    02d2d449d6ebc99c02351ca0f786338d

  • SHA1

    a0e7a10834a5dfcc7b192c157142ccca74657916

  • SHA256

    c94bafa46add5abf973ee5075d6cfa4ea45f3ce89b5e11f8d273642e01e66c42

  • SHA512

    7c99dd95464bbe06a500549fc7ae9599b1946eac7e0239204e83059ef405eb2805de12fb069e8d6f634d2287165ff4485ee5d5a46dd9cc213258c2b8249c36d6

  • SSDEEP

    6144:4+im16DmFae0ieou1oG7+BRE6A+zBxil5Z32WDh5VyK1qtEhHsKfJeCyEhUw:4+iIG1Tj1oiEG6xz05ZnDly9t/KfcM

Malware Config

Targets


    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks