General

  • Target

    a65a4f6e4d7d1b588fda34ceea52f1ba_JaffaCakes118

  • Size

    188KB

  • Sample

    240818-l3wvja1fjj

  • MD5

    a65a4f6e4d7d1b588fda34ceea52f1ba

  • SHA1

    6bb4bf9303f2dc4c6935b980ca46546a7373866e

  • SHA256

    91182aa8c9b7e12d17ea9884050f5a384767738f17f7daf7fc73fc67d0e2f702

  • SHA512

    9b09fb1be1bddb1f4b894c202740a6a3695665a9f29531a1540264c7c5f81b4c21ba8a33f1883471ef3143ffd0a0f9edcf3055eabcd05eb9de51d8d4060c2245

  • SSDEEP

    3072:j798NWgD6dHpnzKq+JjlXMV+YyhH5CfEgleHQhHZ4P6nveL6LPOdUAH/UDsAsPa9:j798NWgeDz0jRgCHsMlQZRvgtH/UsAs+

Targets

    • Target

      a65a4f6e4d7d1b588fda34ceea52f1ba_JaffaCakes118

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
