General

  • Target

    JaffaCakes118_03507c5f564fdaa2e852a08816fb2c4c

  • Size

    252KB

  • Sample

    250121-kfxymsvpgq

  • MD5

    03507c5f564fdaa2e852a08816fb2c4c

  • SHA1

    2b0dc8fdc63e769e7a974cf99481e6f65904d729

  • SHA256

    3d7c8a42946451e1e1a6f785ec3ac4e124fdb86327b9c1b5e4ae17ecd1917803

  • SHA512

    244d8ae77e756800a5b929a29f367835165a365826468a22c0da8e5974149d90a5dd02c41c8e71ebbc714fae75258afc0b52a5fdd142e1bc3199101488ddbbc4

  • SSDEEP

    6144:Y1H8haUM1D+dUxUun1hprvT0u4kXFO76X451p:YW0D+dUKunzVr0uTXFOu451p

Targets

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Isrstealer family

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
