elysiumstealer | 91da0c134350b0c47432593bf1d6d09bab05aa076c94c16cea90404fadbfed7c | Triage

Sharing

General

Target

91da0c134350b0c47432593bf1d6d09bab05aa076c94c16cea90404fadbfed7c
Size

2.0MB
MD5

dc4987d67367520d42467a4c74ccbd7d
SHA1

1f86f81c05502bed9a28768757515dcb43fa6fb0
SHA256

91da0c134350b0c47432593bf1d6d09bab05aa076c94c16cea90404fadbfed7c
SHA512

c8922242702410a508dd3e73e5db8e498fd635671ed51b468164e9003a603f9446980061a4ba34260aeb9fc4072e68af6ed6cbe77fefca641329a97097a3a5f1
SSDEEP

49152:TVfVEVFItr7yP/jxsvShLOyVQDnPP9oqij:TVfVEVFY78LxsahL3iDnPC

Score

10^/10

elysiumstealer neshta

Malware Config

Signatures

Detect Neshta Payload 1 IoCs

resource	yara_rule
sample	family_neshta

ElysiumStealer Payload 1 IoCs

resource	yara_rule
sample	elysiumstealer

Elysiumstealer family
elysiumstealer
Neshta family
neshta

Files

91da0c134350b0c47432593bf1d6d09bab05aa076c94c16cea90404fadbfed7c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 42KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ