isrstealer | 58db15d4b45db176d80ad7cc21b544dcec55d89543a50f1649b4eb9cd7194229 | Triage

Sharing

General

Target

546d2ae4811359ac99f519ddc36a7b34_JaffaCakes118
Size

358KB
Sample

240717-x32assycna
MD5

546d2ae4811359ac99f519ddc36a7b34
SHA1

d02964232311c54e86d5ad95d65c0e7e3b87d18f
SHA256

58db15d4b45db176d80ad7cc21b544dcec55d89543a50f1649b4eb9cd7194229
SHA512

034fd0c727ea190a4d539b2f5798bd0cd7b82929ee47e88edb112630633d5acac8dcd08a8598008619af1aa0d1e82330d15988e34e273f2f4978f9f3965a00cf
SSDEEP

6144:fH8OjBd3ICtA2GGfAcghy142UCsjMmvJgMi1SYyn8SjuG:bjzFzzYcM83TmahCnjh

Score

10^/10

isrstealer spyware stealer

Malware Config

Targets

- Target
  
  546d2ae4811359ac99f519ddc36a7b34_JaffaCakes118
- Size
  
  358KB
- MD5
  
  546d2ae4811359ac99f519ddc36a7b34
- SHA1
  
  d02964232311c54e86d5ad95d65c0e7e3b87d18f
- SHA256
  
  58db15d4b45db176d80ad7cc21b544dcec55d89543a50f1649b4eb9cd7194229
- SHA512
  
  034fd0c727ea190a4d539b2f5798bd0cd7b82929ee47e88edb112630633d5acac8dcd08a8598008619af1aa0d1e82330d15988e34e273f2f4978f9f3965a00cf
- SSDEEP
  
  6144:fH8OjBd3ICtA2GGfAcghy142UCsjMmvJgMi1SYyn8SjuG:bjzFzzYcM83TmahCnjh
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2