General

  • Target

    95dcd78b32e3ad8894154d10d3adb4942921f78cb95e95c1dcf62de5a0fd9f32

  • Size

    456KB

  • Sample

    220501-3j7lcseec6

  • MD5

    f8f5db7bd7d752e5ce0c1b4403f1d6fa

  • SHA1

    d400f38200a58a4da67fcc8dfc5c4a57daaa2cda

  • SHA256

    95dcd78b32e3ad8894154d10d3adb4942921f78cb95e95c1dcf62de5a0fd9f32

  • SHA512

    054bc98a671892ccc074133beecd4dd1101eca55ae5a608b6e611f04ebe706beec73f7d870e1ae62c7ab9832fb607e858c129f003db7985676dc42b5c50540af

Targets

    • ElysiumStealer

      ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.

    • ElysiumStealer Payload

    • ElysiumStealer Support DLL

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
