Extracted

• • Target

    d99b8e6673cd8a25487bbea1856080fe.exe

  • Size

    446KB

  • MD5

    d99b8e6673cd8a25487bbea1856080fe

  • SHA1

    68ccd5f609e44f25dbfd0f518a0a770aeda31444

  • SHA256

    2fa98cd82e882a468f4dce16d59f30faa6acd4ce3a22fcacbe7325702f3178ab

  • SHA512

    5dfb9017ceaf4a1d951c52eee4aea2bebd47356bb1b313ca07260a6cc12d0d960b5e27a8da9c7c5db823721e60a6247433081f1801447ec59de9031eef47e00f

  Score

  10^/10

  matiexcollectionkeyloggerspywarestealer

  • Matiex

    Matiex is a keylogger and infostealer first seen in July 2020.

    stealerkeyloggermatiex

  • Matiex Main payload

  • Drops startup file

  • Reads user/profile data of local email clients

    Email clients store some user data on disk where infostealers will often target it.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2