elysiumstealer | 4ffa12830e946bd9a968f9e3d79e7dac613d22465e72cc4492aff6d86991f73f | Triage

Submit
Reports

Overview

overview

Static

static

FortniteCh....0.exe

windows7-x64

FortniteCh....0.exe

windows10-1703-x64

FortniteCh....0.exe

windows10-2004-x64

FortniteCh....0.exe

windows11-21h2-x64

Sharing

General

Target

FortniteChecker.v.2.0.0 (1).rar
Size

3.8MB
Sample

220804-jxb7tscee4
MD5

094efc8dc9810ff3a32222c5f38a4c2f
SHA1

ef93a672dfa035eb35a7b89ea22d20b62d1743b7
SHA256

4ffa12830e946bd9a968f9e3d79e7dac613d22465e72cc4492aff6d86991f73f
SHA512

9c1b05dded9f811d7e01076f294d05a8963897cf8f36d5b1313fb66d92e243aee270d512d685ffd7dbf522a30131438a8c47c4d4f37abc0e4f47a08d8fa60e39

Score

10^/10

elysiumstealer evasion stealer trojan

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

FortniteChecker.v.2.0.0/ForniteChecker.v2.0.0.exe

Resource

win7-20220715-en

elysiumstealer evasion stealer trojan

windows7-x64

15 signatures

60 seconds

Behavioral task

behavioral2

Sample

FortniteChecker.v.2.0.0/ForniteChecker.v2.0.0.exe

Resource

win10-20220718-en

elysiumstealer evasion stealer trojan

windows10-1703-x64

11 signatures

60 seconds

Behavioral task

behavioral3

Sample

FortniteChecker.v.2.0.0/ForniteChecker.v2.0.0.exe

Resource

win10v2004-20220721-en

elysiumstealer evasion stealer trojan

windows10-2004-x64

16 signatures

60 seconds

Behavioral task

behavioral4

Sample

FortniteChecker.v.2.0.0/ForniteChecker.v2.0.0.exe

Resource

win11-20220223-en

windows11-21h2-x64

0 signatures

60 seconds

Malware Config

Targets

- Target
  
  FortniteChecker.v.2.0.0/ForniteChecker.v2.0.0.exe
- Size
  
  1.8MB
- MD5
  
  6f217b137ff59fd3b821a340c0a35a4e
- SHA1
  
  1e8dc83be90e3b1c369e393032cbece7d65083b3
- SHA256
  
  9e6ebe40697a1fa68ca9208dcbe4f8349f52d288b4ced8bd2b07eec6367e025d
- SHA512
  
  bd5bde451038ba283cc8b0f459f0ef2a89ba0fcee3d6fc1cd246080a84932f1008e681cb608ee40ddc3fb35d37685c3dabf67f8a6686e8650adfba81e431e1dc
Score

10^/10

elysiumstealer evasion stealer trojan
- ElysiumStealer
  ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
  stealer elysiumstealer
- ElysiumStealer Support DLL
- ElysiumStealer payload
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2 behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Web Service

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

elysiumstealerevasionstealertrojan

behavioral2

elysiumstealerevasionstealertrojan

behavioral3

elysiumstealerevasionstealertrojan

behavioral4

© 2018-2024

Terms | Privacy