isrstealer | b4f006527446336369d30c2e9c7f3514a01ce430674b1d58c96bb019db98266d | Triage

Submit
Reports

Overview

overview

Static

static

2e2c7b2f89...18.exe

windows7-x64

7

2e2c7b2f89...18.exe

windows10-2004-x64

1

Sharing

General

Target

2e2c7b2f8986bab103de304bbbb8569e_JaffaCakes118
Size

208KB
Sample

240708-26z95awera
MD5

2e2c7b2f8986bab103de304bbbb8569e
SHA1

45e942ee5187760e4b89073fe13dfe218b414bda
SHA256

b4f006527446336369d30c2e9c7f3514a01ce430674b1d58c96bb019db98266d
SHA512

c4f9390f62609c18c27c39cf8a545e3690cf23ad57450fe0493def3be5870d8e6c5dd9c067ef10d5b9c426f9ef92c1a5cfee08f97c19d621d4f928d9d53c8771
SSDEEP

6144:1XbdXPx36dIKCC0ef//uXltKc+LVsz9b8:B6dFeCXuLKcCVsz6

Score

10^/10

isrstealer spyware stealer upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2e2c7b2f8986bab103de304bbbb8569e_JaffaCakes118.exe

Resource

win7-20240704-en

spyware stealer upx

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

2e2c7b2f8986bab103de304bbbb8569e_JaffaCakes118.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  2e2c7b2f8986bab103de304bbbb8569e_JaffaCakes118
- Size
  
  208KB
- MD5
  
  2e2c7b2f8986bab103de304bbbb8569e
- SHA1
  
  45e942ee5187760e4b89073fe13dfe218b414bda
- SHA256
  
  b4f006527446336369d30c2e9c7f3514a01ce430674b1d58c96bb019db98266d
- SHA512
  
  c4f9390f62609c18c27c39cf8a545e3690cf23ad57450fe0493def3be5870d8e6c5dd9c067ef10d5b9c426f9ef92c1a5cfee08f97c19d621d4f928d9d53c8771
- SSDEEP
  
  6144:1XbdXPx36dIKCC0ef//uXltKc+LVsz9b8:B6dFeCXuLKcCVsz6
Score

7^/10

spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

© 2018-2024

Terms | Privacy