Overview

overview

10

Static

static

7

409016c0af...18.exe

windows7-x64

7

409016c0af...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    409016c0af19c53d12728d32bf6e8aeb_JaffaCakes118

  • Size

    314KB

  • Sample

    240713-hbjjcazcpq

  • MD5

    409016c0af19c53d12728d32bf6e8aeb

  • SHA1

    f374800463d79f4d1e8f2f452c73f8215d59d057

  • SHA256

    825279b4ee01cb696222882013f632b6aa635167733b34987e68b82906c02dca

  • SHA512

    6b1305cb17d5295fa81c94ee66cac6fa57e2337e0f97a8a3bf2a7eab4f00fb82fc326c7f6194954a3bf96fa35887ea97fbcf0d5184faaeb91f005192f4c68aa8

  • SSDEEP

    6144:rgODPGMlZ5+BGQCIKqbBuu7be7EmMPViQO8ksBMOVKxB6aEw3o6:dPJb5QGOZb0J7EHViChMOm6aP

Score
10/10
isrstealerspywarestealertrojanupx

Malware Config

Targets

    • Target

      409016c0af19c53d12728d32bf6e8aeb_JaffaCakes118

    • Size

      314KB

    • MD5

      409016c0af19c53d12728d32bf6e8aeb

    • SHA1

      f374800463d79f4d1e8f2f452c73f8215d59d057

    • SHA256

      825279b4ee01cb696222882013f632b6aa635167733b34987e68b82906c02dca

    • SHA512

      6b1305cb17d5295fa81c94ee66cac6fa57e2337e0f97a8a3bf2a7eab4f00fb82fc326c7f6194954a3bf96fa35887ea97fbcf0d5184faaeb91f005192f4c68aa8

    • SSDEEP

      6144:rgODPGMlZ5+BGQCIKqbBuu7be7EmMPViQO8ksBMOVKxB6aEw3o6:dPJb5QGOZb0J7EHViChMOm6aP

    Score
    10/10
    upxisrstealerspywarestealertrojan

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks