isrstealer | ae042d2e4e5d411e544f4bf00a5c8499f7c224f442f854feb4e61f705b562b02

General

Target

JaffaCakes118_638f0a2333f81bb929cfc47b16e4057d
Size

1.2MB
Sample

250102-jfraes1mat
MD5

638f0a2333f81bb929cfc47b16e4057d
SHA1

5f8d13e6d5647c6380a6e9670d3279cca8de5eae
SHA256

ae042d2e4e5d411e544f4bf00a5c8499f7c224f442f854feb4e61f705b562b02
SHA512

fafbd9aa10c2f26ffabce7fedb70f6f4929d9d017233b015cf9df9ef472cf752f42bda0cf7aebf22291cffafc9315ad6fcf730f6760b1d3c55b6cce9e080f8e5
SSDEEP

24576:1qXdDeWY6yHlb05btx6O4W0uAp7UGpV83NfmNbP2:1QdCJ0M5nTDj2

Score

10^/10

Malware Config

Targets

- Target
  
  JaffaCakes118_638f0a2333f81bb929cfc47b16e4057d
- Size
  
  1.2MB
- MD5
  
  638f0a2333f81bb929cfc47b16e4057d
- SHA1
  
  5f8d13e6d5647c6380a6e9670d3279cca8de5eae
- SHA256
  
  ae042d2e4e5d411e544f4bf00a5c8499f7c224f442f854feb4e61f705b562b02
- SHA512
  
  fafbd9aa10c2f26ffabce7fedb70f6f4929d9d017233b015cf9df9ef472cf752f42bda0cf7aebf22291cffafc9315ad6fcf730f6760b1d3c55b6cce9e080f8e5
- SSDEEP
  
  24576:1qXdDeWY6yHlb05btx6O4W0uAp7UGpV83NfmNbP2:1QdCJ0M5nTDj2
Score

10^/10

isrstealer discovery stealer trojan upx
- ISR Stealer
  ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
  trojan stealer isrstealer
- ISR Stealer payload
- Isrstealer family
  isrstealer
- Executes dropped EXE
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ISR Stealer

ISR Stealer payload

Isrstealer family

Executes dropped EXE

Uses the VBS compiler for execution

Suspicious use of SetThreadContext

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2