matiex | 0dc02738b4f4ff0ec647c5db409d884b67275abae3f3373931e03aff4d15c705 | Triage

Submit
Reports

Overview

overview

Static

static

1

n545687654...n9.exe

windows7_x64

7

n545687654...n9.exe

windows10_x64

Sharing

General

Target

n545687654589b87656n9.exe
Size

290KB
Sample

210922-gfqyjsecej
MD5

fe8171a07860b995e5b676df7af4917f
SHA1

05143b3155f467d7d2c859199edc1f3b5fba86d1
SHA256

0dc02738b4f4ff0ec647c5db409d884b67275abae3f3373931e03aff4d15c705
SHA512

0de21298f5d678d5f9217961cff78f7e627e7d8f291f303c7f9c74c6c6d63affc6b9f1ea225254feae954fdbe7fb0b559047b76e05b8dcc48aa886a9b0881392

Score

10^/10

matiex keylogger stealer suricata

Static task

static1

Behavioral task

behavioral1

Sample

n545687654589b87656n9.exe

Resource

win7v20210408

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

n545687654589b87656n9.exe

Resource

win10-en-20210920

matiex keylogger stealer suricata

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

matiex

C2

https://api.telegram.org/bot1395392888:AAFrJovDdZICOFB0gX0eGWrAUzEKCRpv8xo/sendMessage?chat_id=1300181783

Targets

- Target
  
  n545687654589b87656n9.exe
- Size
  
  290KB
- MD5
  
  fe8171a07860b995e5b676df7af4917f
- SHA1
  
  05143b3155f467d7d2c859199edc1f3b5fba86d1
- SHA256
  
  0dc02738b4f4ff0ec647c5db409d884b67275abae3f3373931e03aff4d15c705
- SHA512
  
  0de21298f5d678d5f9217961cff78f7e627e7d8f291f303c7f9c74c6c6d63affc6b9f1ea225254feae954fdbe7fb0b559047b76e05b8dcc48aa886a9b0881392
Score

10^/10

matiex keylogger stealer suricata
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main Payload
- suricata: ET MALWARE Matiex Keylogger Exfil Via Telegram
  suricata: ET MALWARE Matiex Keylogger Exfil Via Telegram
  suricata
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

matiexkeyloggerstealersuricata

© 2018-2024

Terms | Privacy