General

  • Target

    f43d4610e84b7c370096eef673d6f408_JaffaCakes118

  • Size

    224KB

  • Sample

    241215-qvjx8axlfm

  • MD5

    f43d4610e84b7c370096eef673d6f408

  • SHA1

    2703a47ada67df6398453be08ca09738a7ce53fd

  • SHA256

    1ddf8a153a5b8714ea046590303f1297c6f3cf02ff43b183c932f81de23f2704

  • SHA512

    870e7e900c3507db2203dab3737d11c69584a2578040a104d00daf1a98baf437f5dfb0a72d5014b2174d20a128bc01e525ca09c5f8e0eaec9ff68857b9a9bad0

  • SSDEEP

    3072:2pR7bg14YQtdOozHiIkVGw4rPlXv4hpBbi9R7urAcP7ruXg:2Tbg1DQtdjHyKZ4hO9BurAcF

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Isrstealer family

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext
