matiex | 3edffff5d0b4676e82651d831ec9081d9a142f91279b1c17c279d27f42089d97 | Triage

Submit
Reports

Overview

overview

Static

static

New Order.exe

windows7_x64

1

New Order.exe

windows10-2004_x64

Sharing

General

Target

3edffff5d0b4676e82651d831ec9081d9a142f91279b1c17c279d27f42089d97
Size

491KB
Sample

220208-b5g42sbgdk
MD5

a4da82c7e559d01b755e9225ecda9023
SHA1

bd64f29df65a3357a2d9b303a60de10d0219d351
SHA256

3edffff5d0b4676e82651d831ec9081d9a142f91279b1c17c279d27f42089d97
SHA512

5d246408a6bddcd88ebf96692f889ed65efbe1c51ad56f3c8354c2c8f07b70cf0c6a0a90a061e6dc25f89bc9a634260f6968796f9471efb8d8a008f313f832c7

Score

10^/10

matiex collection keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

New Order.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

New Order.exe

Resource

win10v2004-en-20220113

matiex collection keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

matiex

Credentials

Protocol: smtp
Host:
mail.cleo2solutions.com.au
Port:
25
Username:
[email protected]
Password:
Enter@123

Targets

- Target
  
  New Order.exe
- Size
  
  699KB
- MD5
  
  973f5e36b9bda2af1fc4ac6681d6c352
- SHA1
  
  86de1a7dd22248e40e724acf6abe3aa78815e13c
- SHA256
  
  9a7ead1cdae41a3f396acb728cfd16e137e98070690f2ac90b5f1445474bec8c
- SHA512
  
  865f8ecc9b607a049c4e613bfff65906cab0a3d1425b92ef0931a33d89618c9cf9b5febca3e6229dc3b311d0bdc19b82bd8bcb8e9dc1c89fc3f881f1085333fe
Score

10^/10

matiex collection keylogger stealer
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

matiexcollectionkeyloggerstealer

© 2018-2024

Terms | Privacy