Overview

overview

10

Static

static

3

5b170c7b8d...18.exe

windows7-x64

10

5b170c7b8d...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b170c7b8d61630f24f4770813de528d_JaffaCakes118

  • Size

    369KB

  • Sample

    240719-jxn7dstfjf

  • MD5

    5b170c7b8d61630f24f4770813de528d

  • SHA1

    4a70f8afc53c5da2a8440d01b3774a0f1b20bd21

  • SHA256

    d8ab7a683844737423d19278b867628dbb80b870f9d768efa8fa2f9b04fb352b

  • SHA512

    0b31422836d3b3c7ad0caec4d91d747f45423920826109a373931feb683811f49b601f0563c19eddcdd9901fa444b7a425a2d5d55b5435cb53f9f78b8337b5a8

  • SSDEEP

    6144:r49nHjl8/Q7agtGCRUNKmHNtSOI0sJ5RPqkZvoIXDDUkHVgxb6dq8/BxjH0H:r4lHF77PRUIGNtyJvouDUkHVg96k6xj

Score
10/10
isrstealerstealertrojanupx

Malware Config

Targets

    • Target

      5b170c7b8d61630f24f4770813de528d_JaffaCakes118

    • Size

      369KB

    • MD5

      5b170c7b8d61630f24f4770813de528d

    • SHA1

      4a70f8afc53c5da2a8440d01b3774a0f1b20bd21

    • SHA256

      d8ab7a683844737423d19278b867628dbb80b870f9d768efa8fa2f9b04fb352b

    • SHA512

      0b31422836d3b3c7ad0caec4d91d747f45423920826109a373931feb683811f49b601f0563c19eddcdd9901fa444b7a425a2d5d55b5435cb53f9f78b8337b5a8

    • SSDEEP

      6144:r49nHjl8/Q7agtGCRUNKmHNtSOI0sJ5RPqkZvoIXDDUkHVgxb6dq8/BxjH0H:r4lHF77PRUIGNtyJvouDUkHVg96k6xj

    Score
    10/10
    isrstealerstealertrojanupx

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in visual basic.

      trojanstealerisrstealer

    • ISR Stealer payload

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks