General

  • Target: f1a3ae71cced897b8a70543e3c5ee2ef093c6e3e3999801889a66d3235ea8569
  • Size: 110KB
  • Sample: 210913-nevcxagfan
  • MD5: ff35c31a530fce20dddcfc1af6e5551c
  • SHA1: da0067ad851a6532a03057535755558114c6c3ae
  • SHA256: f1a3ae71cced897b8a70543e3c5ee2ef093c6e3e3999801889a66d3235ea8569
  • SHA512: 7f6481fbc9eff1891cc6a51aed61890a4faca14f1569b2c3bbe86b910c1262bb894292eb50dce2a7f152e64ade3ba8360e276cafb50dc19eec42721e74bb9da3

Malware Config

Targets

    • Target: f1a3ae71cced897b8a70543e3c5ee2ef093c6e3e3999801889a66d3235ea8569
    • Size: 110KB
    • MD5: ff35c31a530fce20dddcfc1af6e5551c
    • SHA1: da0067ad851a6532a03057535755558114c6c3ae
    • SHA256: f1a3ae71cced897b8a70543e3c5ee2ef093c6e3e3999801889a66d3235ea8569
    • SHA512: 7f6481fbc9eff1891cc6a51aed61890a4faca14f1569b2c3bbe86b910c1262bb894292eb50dce2a7f152e64ade3ba8360e276cafb50dc19eec42721e74bb9da3

    • ElysiumStealer

      ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive account information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

MITRE ATT&CK Enterprise v6

Tasks