Resubmissions

11/08/2024, 23:53 UTC

240811-3xms4svfql 10

11/08/2024, 23:16 UTC

240811-288paatekn 10

General

  • Target

    8c5f105eb24d29e66e1b89a734f0aada_JaffaCakes118

  • Size

    240KB

  • Sample

    240811-288paatekn

  • MD5

    8c5f105eb24d29e66e1b89a734f0aada

  • SHA1

    2d3fbdd86bd1e441f7050436e5eac56dade36541

  • SHA256

    563dd975f0211df190d9c1ac1538c16ea3a82aba413f199b5b7000c08570a1e2

  • SHA512

    b836ee8b2637d5122735618935caefa0d8359590357aa1ad90469f14028e9d1ce1edfa569aeb76bcf55895f253a7735f8891e9076570f79a45ae0bd4383e092b

  • SSDEEP

    6144:wLa94GN7fiIEAeLHJx0ZW6x6FJzw4E5i3ZUp/yq0DASrikrhwKACS:wW94GN7fiIEAeLHJx0ZWJjjNJcyq8rzs

Malware Config

Targets

    • Target

      8c5f105eb24d29e66e1b89a734f0aada_JaffaCakes118

    • Size

      240KB

    • MD5

      8c5f105eb24d29e66e1b89a734f0aada

    • SHA1

      2d3fbdd86bd1e441f7050436e5eac56dade36541

    • SHA256

      563dd975f0211df190d9c1ac1538c16ea3a82aba413f199b5b7000c08570a1e2

    • SHA512

      b836ee8b2637d5122735618935caefa0d8359590357aa1ad90469f14028e9d1ce1edfa569aeb76bcf55895f253a7735f8891e9076570f79a45ae0bd4383e092b

    • SSDEEP

      6144:wLa94GN7fiIEAeLHJx0ZW6x6FJzw4E5i3ZUp/yq0DASrikrhwKACS:wW94GN7fiIEAeLHJx0ZWJjjNJcyq8rzs

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • UPX packed file

      Detects executables packed with the UPX open source packer or a modified variant of it.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
