matiex | a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810 | Triage

Sharing

General

Target

2ac34ae72ffb4a2edba4bee1d4bceb5d.exe
Size

548KB
Sample

211111-t1yv4sggcj
MD5

2ac34ae72ffb4a2edba4bee1d4bceb5d
SHA1

7df833703e8142a8662d754b11fbdd1483844885
SHA256

a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810
SHA512

ee67edf70cfa26b614fece6e6e0fc713fe99a90699d26d17f9c34c61c33c74e100bd357beec3e44f640d010a46b675980463322433a11ff739b2352df7dd1c8c

Score

10^/10

matiex spyware stealer

Malware Config

Extracted

Family

matiex

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
alexcacapere123

Extracted

Credentials

Protocol: smtp
Host:
smtp.gmail.com
Port:
587
Username:
[email protected]
Password:
alexcacapere123

Targets

- Target
  
  2ac34ae72ffb4a2edba4bee1d4bceb5d.exe
- Size
  
  548KB
- MD5
  
  2ac34ae72ffb4a2edba4bee1d4bceb5d
- SHA1
  
  7df833703e8142a8662d754b11fbdd1483844885
- SHA256
  
  a0364ae270173830f434eb6a9c5d94f12d748e57fae764ba559e9f15dadcb810
- SHA512
  
  ee67edf70cfa26b614fece6e6e0fc713fe99a90699d26d17f9c34c61c33c74e100bd357beec3e44f640d010a46b675980463322433a11ff739b2352df7dd1c8c
Score

10^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2