matiex | 9c3352f10d1219bd3a932ff49aef99826d43a134d1f0e553e6af1ed8e428a47f | Triage

Submit
Reports

Overview

overview

Static

static

Payment No...on.exe

windows7_x64

1

Payment No...on.exe

windows10-2004_x64

Sharing

General

Target

9c3352f10d1219bd3a932ff49aef99826d43a134d1f0e553e6af1ed8e428a47f
Size

754KB
Sample

220221-myv8wahfc2
MD5

cae4507cb25f5b0f68b74418a2ee2bc1
SHA1

4d42df00e2f858397c335af6c848a4e7bb67e122
SHA256

9c3352f10d1219bd3a932ff49aef99826d43a134d1f0e553e6af1ed8e428a47f
SHA512

38cd82c9d6abca068e8f955fce683af1c4f14526ae18a6de001466af5ca1c16bbd1dc29c791ec43d7e9d26dabda01512f38a1e7fb51a6f7db24c064f078fa861

Score

10^/10

matiex keylogger stealer

Static task

static1

Behavioral task

behavioral1

Sample

Payment Notification.exe

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Payment Notification.exe

Resource

win10v2004-en-20220112

matiex keylogger stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

matiex

Credentials

Protocol: smtp
Host:
mail.revistaeducar.com.ar
Port:
25
Username:
[email protected]
Password:
somchai#3774

Targets

- Target
  
  Payment Notification.exe
- Size
  
  1.0MB
- MD5
  
  22d61a1e0f48b05fec1a4cf9da160b16
- SHA1
  
  68826094caeffc43d24ddf0d2ad1c6ed5e961272
- SHA256
  
  78f08071af81517d374179110b8018fce8d6670abd110ab76fdf811a08761ad4
- SHA512
  
  760c4b4b9fdc3fca93129a0bc973e27bbe8e9d696baae51509a70dc8a8f0fc1ad8a1fa5801c9f21cacfea66bc728de1102f868d1a348fde1350f42d337d2df5d
Score

10^/10

matiex keylogger stealer
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main Payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

matiexkeyloggerstealer

© 2018-2024

Terms | Privacy