Extracted

Extracted

• • Target

    bb3cb449d678f2291b44291b0d6793a1.exe

  • Size

    826KB

  • MD5

    bb3cb449d678f2291b44291b0d6793a1

  • SHA1

    672a9b5aa14f8b1e4ece0449e68f2655ad6f9b0f

  • SHA256

    bc15dc3f5b700bba2bfded2b64ce332f88ba4c95d7d543e2d7ad2447ed789f37

  • SHA512

    dcf772d5ab7f6c5f08cdc4160df0f481a119128bc02de5b9cfd8d8d38690e96544dd9c19c64af987d2ab8efdc7f3d60ffb8603387fc2b31ad28795ce178d9825

  Score

  10^/10

  matiexkeyloggerspywarestealer

  • Matiex

    Matiex is a keylogger and infostealer first seen in July 2020.

    stealerkeyloggermatiex

  • Matiex Main Payload

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2