Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_eff7824cf7c1a23477bca1c80a555e84
-
Size
435KB
-
Sample
250212-nq347azjgk
-
MD5
eff7824cf7c1a23477bca1c80a555e84
-
SHA1
0f1b679a7753a8f84f8408ffe65199580ba49d51
-
SHA256
84a74f4f38b3387cc309a6c7be50b2e07ea8460020d5fc8112d75227b4b497c3
-
SHA512
97801f5f205b3292a89241eb49c0e85cf5b593588fe88133f71ba62b814a59d9c3bc550ff6bf9a1f423dd8445d7ebedda9132ef56a1aeb9def66875b0cd67847
-
SSDEEP
6144:ibxsCQd/nzu7YjOuBh5MtH7UYALAa93dEqUqO4Nra3UI41fbCK2vEd:itsC+/ntKuBhC5lWF9tRjVriJK2
Malware Config
Targets
-
-
Target
JaffaCakes118_eff7824cf7c1a23477bca1c80a555e84
-
Size
435KB
-
MD5
eff7824cf7c1a23477bca1c80a555e84
-
SHA1
0f1b679a7753a8f84f8408ffe65199580ba49d51
-
SHA256
84a74f4f38b3387cc309a6c7be50b2e07ea8460020d5fc8112d75227b4b497c3
-
SHA512
97801f5f205b3292a89241eb49c0e85cf5b593588fe88133f71ba62b814a59d9c3bc550ff6bf9a1f423dd8445d7ebedda9132ef56a1aeb9def66875b0cd67847
-
SSDEEP
6144:ibxsCQd/nzu7YjOuBh5MtH7UYALAa93dEqUqO4Nra3UI41fbCK2vEd:itsC+/ntKuBhC5lWF9tRjVriJK2
Score10/10-
ISR Stealer
ISR Stealer is a modified version of Hackhound Stealer written in visual basic.
-
ISR Stealer payload
-
Isrstealer family
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-