General

  • Target

    36b8ee01443c30439196c527d6826884de2e6cd8d5537b8b1a44ede24c55c6ce

  • Size

    80KB

  • Sample

    210913-neacqsded4

  • MD5

    3d330c6e2e14c3e682aec36e1abeb028

  • SHA1

    59665acd4f6398afb4d5ab515e95a886648f161c

  • SHA256

    36b8ee01443c30439196c527d6826884de2e6cd8d5537b8b1a44ede24c55c6ce

  • SHA512

    e4c5b6570d3823f985e5516dbb9917f3c9c3ccd7a780de1e7cd179f7f338f0d0579e62d988898ae7002e774daec3bf6a29d5d87b5e70cb43e6b06ad627e984c3

Malware Config

Targets

    • Target

      36b8ee01443c30439196c527d6826884de2e6cd8d5537b8b1a44ede24c55c6ce

    • Size

      80KB

    • MD5

      3d330c6e2e14c3e682aec36e1abeb028

    • SHA1

      59665acd4f6398afb4d5ab515e95a886648f161c

    • SHA256

      36b8ee01443c30439196c527d6826884de2e6cd8d5537b8b1a44ede24c55c6ce

    • SHA512

      e4c5b6570d3823f985e5516dbb9917f3c9c3ccd7a780de1e7cd179f7f338f0d0579e62d988898ae7002e774daec3bf6a29d5d87b5e70cb43e6b06ad627e984c3

    • ElysiumStealer

      ElysiumStealer (previously known as ZeromaxStealer) is an infostealer that harvests saved login credentials for various accounts from the infected host.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials, cookies and session tokens.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (the data behind Add/Remove Programs) to list the software installed on the system.
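As an added example (editor's code, not part of this report and not the sandbox's own signature logic), the three behavioural signatures above can be reproduced from raw sandbox events. The `proc=… op=… path=…` line format, the browser and wallet path lists, the rule that a single Uninstall lookup is not yet "enumeration", and the ATT&CK technique mapping are all assumptions made for this example; the event lines are constructed.

```python
"""Map sandbox behaviour events to the three signatures in the report.

Constructed example: the key=value event format, the process and path
lists, the subkey threshold and the ATT&CK mapping are assumptions made
for illustration, not the sandbox's real log format or rules.
"""
import re
from collections import defaultdict

# Registry key whose subkeys list installed programs (Add/Remove Programs).
UNINSTALL_KEY = r"software\microsoft\windows\currentversion\uninstall"
# Chromium / Firefox profile files that hold saved logins, cookies and keys.
BROWSER_PROFILE_FILES = ("login data", "web data", "cookies", "logins.json", "key4.db")
# Path fragments that identify common desktop wallet data stores.
WALLET_MARKERS = ("wallet.dat", "\\electrum\\wallets", "\\exodus\\", "\\ethereum\\keystore")
# Browsers legitimately read their own profile files; those reads are not theft.
BROWSER_PROCESSES = {"chrome.exe", "msedge.exe", "firefox.exe", "brave.exe"}
# One Uninstall lookup is common in benign installers; require real enumeration.
MIN_UNINSTALL_SUBKEYS = 3

# Signature id -> (report description, ATT&CK technique; mapping is an assumption)
SIGNATURES = {
    "software_enum": ("Checks installed software on the system", "T1518"),
    "browser_data": ("Reads user/profile data of web browsers", "T1555.003"),
    "crypto_wallets": ("Accesses cryptocurrency files/wallets", "T1005"),
}

EVENT_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_event(line):
    """Parse 'k=v k="quoted v"' into a dict of lower-cased values."""
    return {k: v.strip('"').lower() for k, v in EVENT_RE.findall(line)}


def triage(log_lines):
    """Return {signature: {description, technique, events}} for signatures that fire."""
    evidence = defaultdict(list)
    uninstall_subkeys = set()
    for line in log_lines:
        ev = parse_event(line)
        if not {"proc", "op", "path"} <= ev.keys():
            continue  # malformed or unrelated record
        proc, op, path = ev["proc"], ev["op"], ev["path"]
        file_read = op.startswith(("read", "create", "copy"))
        if op.startswith("reg") and UNINSTALL_KEY in path:
            # Count distinct subkeys touched under Uninstall, e.g. "7-zip".
            subkey = path.split(UNINSTALL_KEY, 1)[1].strip("\\").split("\\")[0]
            if subkey:
                uninstall_subkeys.add(subkey)
            evidence["software_enum"].append(line.strip())
        elif file_read and proc not in BROWSER_PROCESSES \
                and any(f in path for f in BROWSER_PROFILE_FILES):
            evidence["browser_data"].append(line.strip())
        elif file_read and any(m in path for m in WALLET_MARKERS):
            evidence["crypto_wallets"].append(line.strip())
    if len(uninstall_subkeys) < MIN_UNINSTALL_SUBKEYS:
        evidence.pop("software_enum", None)  # too few subkeys to call it enumeration
    return {
        sig: {"description": SIGNATURES[sig][0], "technique": SIGNATURES[sig][1], "events": lines}
        for sig, lines in evidence.items()
    }


# Constructed sample events (not from the analysed sample).
SAMPLE_LOG = [
    'proc=sample.exe op=RegOpenKeyExW path="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"',
    'proc=sample.exe op=RegEnumKeyExW path="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\7-Zip"',
    'proc=sample.exe op=RegEnumKeyExW path="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Google Chrome"',
    'proc=sample.exe op=RegEnumKeyExW path="HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Notepad++"',
    'proc=chrome.exe op=ReadFile path="C:\\Users\\bob\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"',
    'proc=sample.exe op=CopyFile path="C:\\Users\\bob\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Login Data"',
    'proc=sample.exe op=ReadFile path="C:\\Users\\bob\\AppData\\Roaming\\Electrum\\wallets\\default_wallet"',
    'proc=sample.exe op=ReadFile path="C:\\Users\\bob\\AppData\\Roaming\\Bitcoin\\wallet.dat"',
    'proc=sample.exe op=CreateFile path="C:\\Users\\bob\\Documents\\notes.txt"',
]

if __name__ == "__main__":
    for sig, info in triage(SAMPLE_LOG).items():
        print(f"{sig} ({info['technique']}): {info['description']}")
        for event in info["events"]:
            print("   ", event)
```

Two design points matter in practice: the browser's own process is excluded so that Chrome reading its own `Login Data` does not trip the signature, and the software-discovery signature only fires once several distinct Uninstall subkeys have been touched, since a single lookup of that key is routine for installers and updaters.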

MITRE ATT&CK Enterprise v6

Tasks