isrstealer | 8cc0c19b9a9f5b46ad2dc47537f10c501ded27f4873f818a4f04e062818331d1

General

Target

25ec69412531b4ac0ee8abffe7cfe60a_JaffaCakes118
Size

104KB
Sample

240704-xtr1rswfkb
MD5

25ec69412531b4ac0ee8abffe7cfe60a
SHA1

c6b3ffd8a02f8baa15a4f5cf2c2f2b851bd8089f
SHA256

8cc0c19b9a9f5b46ad2dc47537f10c501ded27f4873f818a4f04e062818331d1
SHA512

32d40544d5ca1a44f3239023d38691e17e08581ebe79c906e3bf59380d47298f6bf09860b2ec18eb9bc76ceb63c06e18332fd6a3084dc83f249d7add32f7c526
SSDEEP

3072:aXyehnXQUZZb0x2OfqzIyrg507v7Rl80PcqR:aCehXQUZZb0QOfqV007v7RC0

Score

10^/10

Malware Config

Targets

- Target
  
  25ec69412531b4ac0ee8abffe7cfe60a_JaffaCakes118
- Size
  
  104KB
- MD5
  
  25ec69412531b4ac0ee8abffe7cfe60a
- SHA1
  
  c6b3ffd8a02f8baa15a4f5cf2c2f2b851bd8089f
- SHA256
  
  8cc0c19b9a9f5b46ad2dc47537f10c501ded27f4873f818a4f04e062818331d1
- SHA512
  
  32d40544d5ca1a44f3239023d38691e17e08581ebe79c906e3bf59380d47298f6bf09860b2ec18eb9bc76ceb63c06e18332fd6a3084dc83f249d7add32f7c526
- SSDEEP
  
  3072:aXyehnXQUZZb0x2OfqzIyrg507v7Rl80PcqR:aCehXQUZZb0QOfqV007v7RC0
Score

10^/10

isrstealer spyware stealer trojan
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- Executes dropped EXE
- Loads dropped DLL
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

2

T1552

Credentials In Files

2

T1552.001

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Data from Local System

2

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ISR Stealer

ISR Stealer payload

Executes dropped EXE

Loads dropped DLL

Reads data files stored by FTP clients

Reads user/profile data of web browsers

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2