isrstealer | cf7e2983b8fef5a9588080285389d57a5f6b738ca2f00639a8edebf2ee473835 | Triage

Submit
Reports

Overview

overview

Static

static

3

66b852a9c9...18.exe

windows7-x64

66b852a9c9...18.exe

windows10-2004-x64

Sharing

General

Target

66b852a9c91b240e80f7e59bab108298_JaffaCakes118
Size

247KB
Sample

240723-jnhy1swcjm
MD5

66b852a9c91b240e80f7e59bab108298
SHA1

9accc7f379bf198237835fa7d58c299cee47f7cf
SHA256

cf7e2983b8fef5a9588080285389d57a5f6b738ca2f00639a8edebf2ee473835
SHA512

3e3b5623518101d49b41118cdcba2d694e8d73ff683adaf763372b1a4b29e9848ab5da1b5c1ec804bde61f195a1cca4e76c435a334619d88b56776b671f243c8
SSDEEP

3072:Y7tfvw/idrxY5reRd1sSPwD/lPALbIiuS:tiJxgeRd1sSPQiu

Score

10^/10

isrstealer persistence stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

66b852a9c91b240e80f7e59bab108298_JaffaCakes118.exe

Resource

win7-20240704-en

isrstealer persistence stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

66b852a9c91b240e80f7e59bab108298_JaffaCakes118.exe

Resource

win10v2004-20240709-en

isrstealer persistence stealer trojan

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  66b852a9c91b240e80f7e59bab108298_JaffaCakes118
- Size
  
  247KB
- MD5
  
  66b852a9c91b240e80f7e59bab108298
- SHA1
  
  9accc7f379bf198237835fa7d58c299cee47f7cf
- SHA256
  
  cf7e2983b8fef5a9588080285389d57a5f6b738ca2f00639a8edebf2ee473835
- SHA512
  
  3e3b5623518101d49b41118cdcba2d694e8d73ff683adaf763372b1a4b29e9848ab5da1b5c1ec804bde61f195a1cca4e76c435a334619d88b56776b671f243c8
- SSDEEP
  
  3072:Y7tfvw/idrxY5reRd1sSPwD/lPALbIiuS:tiJxgeRd1sSPQiu
Score

10^/10

isrstealer persistence stealer trojan
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- Uses the VBS compiler for execution
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scripting

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

isrstealerpersistencestealertrojan

behavioral2

isrstealerpersistencestealertrojan

© 2018-2024

Terms | Privacy