Extracted

• • Target

    REVISED_.EXE

  • Size

    579KB

  • MD5

    cbfb94a41abae103511d729b00687c7a

  • SHA1

    f491f44fbbaafb97275cc90ecaa37926534a6151

  • SHA256

    b9d37ce3380de623e8225b466fcd061db7f7828a2e39deace159e5c7f3455015

  • SHA512

    77bfe24a4b0dcc0badcf0b33fd1da5335fadf0e366db4411b0ca130fecefa288006c06cf5bf363edd1b038619e1f8654e0e88020c454e4b0399d906c17128a59

  Score

  10^/10

  matiexcollectionkeyloggerspywarestealer

  • Matiex

    Matiex is a keylogger and infostealer first seen in July 2020.

    stealerkeyloggermatiex

  • Matiex Main Payload

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2