isrstealer | 2d6dd4e0930c8be5bf4c7f3aad89dfdd8c0b00dd6a5b017feb07a96d441ef33f | Triage

Submit
Reports

Overview

overview

Static

static

f8ef2245b1...18.exe

windows7-x64

7

f8ef2245b1...18.exe

windows10-2004-x64

7

Sharing

General

Target

f8ef2245b1993ef98673420529fdf45d_JaffaCakes118
Size

204KB
Sample

240926-wp1axatcjb
MD5

f8ef2245b1993ef98673420529fdf45d
SHA1

45a6a50bdda185c678966b626fe1f174ef1eb0e5
SHA256

2d6dd4e0930c8be5bf4c7f3aad89dfdd8c0b00dd6a5b017feb07a96d441ef33f
SHA512

449d2aa4c0b436468e4910afa90b04927addbcf5a2cb905bf5cb3f3b8f5caabd8ba6aa1905f38c0977a076f1e1dc11d93eb34f15666b77d211bfa0f3144abcd6
SSDEEP

3072:rTqPRIyeIKDWx85IOlKeJVos/8eRwXiUUAdV95I4Rp+LH1xrl3Ez8ub8XrDFr:rTqPRIdIKCC0ef//uXltKc+LVsz9b8

Score

10^/10

isrstealer discovery spyware stealer upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

f8ef2245b1993ef98673420529fdf45d_JaffaCakes118.exe

Resource

win7-20240708-en

discovery spyware stealer upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

f8ef2245b1993ef98673420529fdf45d_JaffaCakes118.exe

Resource

win10v2004-20240802-en

discovery spyware stealer upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  f8ef2245b1993ef98673420529fdf45d_JaffaCakes118
- Size
  
  204KB
- MD5
  
  f8ef2245b1993ef98673420529fdf45d
- SHA1
  
  45a6a50bdda185c678966b626fe1f174ef1eb0e5
- SHA256
  
  2d6dd4e0930c8be5bf4c7f3aad89dfdd8c0b00dd6a5b017feb07a96d441ef33f
- SHA512
  
  449d2aa4c0b436468e4910afa90b04927addbcf5a2cb905bf5cb3f3b8f5caabd8ba6aa1905f38c0977a076f1e1dc11d93eb34f15666b77d211bfa0f3144abcd6
- SSDEEP
  
  3072:rTqPRIyeIKDWx85IOlKeJVos/8eRwXiUUAdV95I4Rp+LH1xrl3Ez8ub8XrDFr:rTqPRIdIKCC0ef//uXltKc+LVsz9b8
Score

7^/10

discovery spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealerupx

behavioral2

discoveryspywarestealerupx

© 2018-2024

Terms | Privacy