vulturi | fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c | Triage

Submit
Reports

Overview

overview

Static

static

fe3868de44...5c.exe

windows7_x64

fe3868de44...5c.exe

windows10-2004_x64

Sharing

General

Target

fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c.bin
Size

3.7MB
Sample

220714-kqngysfafl
MD5

2006a4de01e8d2330d684c44b824ed52
SHA1

21aafc6bf52e3765b9538d5de5eacbe3fbb7d4f8
SHA256

fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c
SHA512

be80a27e54891d8350116daeb3cc652e5071c904cf22bbad1b45931a3f432ac1b9e4b9f0dca2dd481eb485e19a28e9bcaeb6b1448f2b4abb50de3a90eee54a01

Score

10^/10

vulturi stealer

Static task

static1

Behavioral task

behavioral1

Sample

fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c.exe

Resource

win7-20220414-en

vulturi stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c.exe

Resource

win10v2004-20220414-en

vulturi stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

vulturi

C2

http://154.53.33.203:5050/gate

Attributes

c2_encryption_key
testkey
c2_user
root

Targets

- Target
  
  fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c.bin
- Size
  
  3.7MB
- MD5
  
  2006a4de01e8d2330d684c44b824ed52
- SHA1
  
  21aafc6bf52e3765b9538d5de5eacbe3fbb7d4f8
- SHA256
  
  fe3868de44639e4db971bc2600cdcd55c09e1500a1e9a3cb7a8d22f1867c795c
- SHA512
  
  be80a27e54891d8350116daeb3cc652e5071c904cf22bbad1b45931a3f432ac1b9e4b9f0dca2dd481eb485e19a28e9bcaeb6b1448f2b4abb50de3a90eee54a01
Score

10^/10

vulturi stealer
- Vulturi
  An info stealer written in C# and first seen in January 2021.
  stealer vulturi
- Vulturi payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy