General

  • Target

    1e7d901906c37e2fd8807f5f8edcdae1_JaffaCakes118

  • Size

    538KB

  • Sample

    240702-jf2fdssekh

  • MD5

    1e7d901906c37e2fd8807f5f8edcdae1

  • SHA1

    739164b6ca685b7f0748b703c1fc2390d86351bb

  • SHA256

    221f3998c5189acabd57e4c5a83e85bacf8f092ed32a2dcd671e07614b449149

  • SHA512

    6c7eec8b97bc5dd92a35ed79de1915539314b71fc2c3bf3880beceb587de80c56f2ccac39cc80e3e57aff5243c07c1b7754a216ea68b61a9e0f8b75613bfca13

  • SSDEEP

    12288:zr0uzUAVWZOvAI4LsYs3WgEE+LkXB9gHSxa4qTFgqx:zN58ZKAI4LsYs3Wgl+LkXRa4qTFgM

Malware Config

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks