matiex | a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810 | Triage

Sharing

General

Target

2ac34ae72ffb4a2edba4bee1d4bceb5d.exe
Size

548KB
Sample

211111-t1yv4sggcj
MD5

2ac34ae72ffb4a2edba4bee1d4bceb5d
SHA1

7df833703e8142a8662d754b11fbdd1483844885
SHA256

a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810
SHA512

ee67edf70cfa26b614fece6e6e0fc713fe99a90699d26d17f9c34c61c33c74e100bd357beec3e44f640d010a46b675980463322433a11ff739b2352df7dd1c8c

Score

10^/10

matiex spyware stealer

Malware Config

Extracted

Family

matiex

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
alexcacapere123

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
alexcacapere123

Targets

- Target
  
  2ac34ae72ffb4a2edba4bee1d4bceb5d.exe
- Size
  
  548KB
- MD5
  
  2ac34ae72ffb4a2edba4bee1d4bceb5d
- SHA1
  
  7df833703e8142a8662d754b11fbdd1483844885
- SHA256
  
  a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810
- SHA512
  
  ee67edf70cfa26b614fece6e6e0fc713fe99a90699d26d17f9c34c61c33c74e100bd357beec3e44f640d010a46b675980463322433a11ff739b2352df7dd1c8c
Score

10^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2