matiex | 786a583ea35093cc588069ed3b8d4dd6dbe8e9edfe68569d3752c6da82db0de1 | Triage

Submit
Reports

Overview

overview

Static

static

INVOICE RE...34.exe

windows7_x64

1

INVOICE RE...34.exe

windows10_x64

Sharing

General

Target

INVOICE RECEIPT NO253334.exe
Size

455KB
Sample

210726-cn1y27ales
MD5

c6b4a2eb53f687988c0427cf752d429f
SHA1

d6b3299043950047524087631f72375b68bfc36d
SHA256

786a583ea35093cc588069ed3b8d4dd6dbe8e9edfe68569d3752c6da82db0de1
SHA512

ded0daa7672ade2aabf1695c67441c0c488b8f44170ebd438105936eeac2a4d9fb7da1aef48565bb42caf6807eb4f0157a0de43ddf4731e5d3c428e8cf034dee

Score

10^/10

matiex keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

INVOICE RECEIPT NO253334.exe

Resource

win7v20210410

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

INVOICE RECEIPT NO253334.exe

Resource

win10v20210410

matiex keylogger stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

matiex

C2

https://api.telegram.org/bot1718729558:AAFUftnJNVxfQZ7XrIUEpE1UiXHAYPc6VAQ/sendMessage?chat_id=1841930277

Targets

- Target
  
  INVOICE RECEIPT NO253334.exe
- Size
  
  455KB
- MD5
  
  c6b4a2eb53f687988c0427cf752d429f
- SHA1
  
  d6b3299043950047524087631f72375b68bfc36d
- SHA256
  
  786a583ea35093cc588069ed3b8d4dd6dbe8e9edfe68569d3752c6da82db0de1
- SHA512
  
  ded0daa7672ade2aabf1695c67441c0c488b8f44170ebd438105936eeac2a4d9fb7da1aef48565bb42caf6807eb4f0157a0de43ddf4731e5d3c428e8cf034dee
Score

10^/10

matiex keylogger stealer
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main Payload
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

matiexkeyloggerstealer

© 2018-2024

Terms | Privacy