isrstealer | ca71c915ec79c27d2d4f001dd2f3801ea48176cce27d45fd44edcdd68201b820 | Triage

Sharing

General

Target

26104e792d5f2de10643e48ad9f23412_JaffaCakes118
Size

76KB
Sample

240704-ymy16sybmg
MD5

26104e792d5f2de10643e48ad9f23412
SHA1

c99b8ee690110220080056a0b73df558987174b6
SHA256

ca71c915ec79c27d2d4f001dd2f3801ea48176cce27d45fd44edcdd68201b820
SHA512

349606c7f2c69a593bc612bf57c3ebdc084ab86c2d2311d53111beacfed9760655c6cf237de6200877d097360cd040dc443805ab8d7922ffe4f65e2683a1c44f
SSDEEP

1536:1z3HBexMQT+2umeWO2+FPx/lXYVAG8Zs7kfl/ig8Oe:exMQeXYVQsel/iwe

Score

10^/10

isrstealer spyware stealer

Malware Config

Targets

- Target
  
  26104e792d5f2de10643e48ad9f23412_JaffaCakes118
- Size
  
  76KB
- MD5
  
  26104e792d5f2de10643e48ad9f23412
- SHA1
  
  c99b8ee690110220080056a0b73df558987174b6
- SHA256
  
  ca71c915ec79c27d2d4f001dd2f3801ea48176cce27d45fd44edcdd68201b820
- SHA512
  
  349606c7f2c69a593bc612bf57c3ebdc084ab86c2d2311d53111beacfed9760655c6cf237de6200877d097360cd040dc443805ab8d7922ffe4f65e2683a1c44f
- SSDEEP
  
  1536:1z3HBexMQT+2umeWO2+FPx/lXYVAG8Zs7kfl/ig8Oe:exMQeXYVQsel/iwe
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2