Overview

overview

10

Static

static

dd91fd8e2a...75.exe

windows7-x64

10

dd91fd8e2a...75.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd91fd8e2acbff3a3af96b83dce88775.exe

  • Size

    159KB

  • Sample

    220808-gxl1xsgfe3

  • MD5

    dd91fd8e2acbff3a3af96b83dce88775

  • SHA1

    2a0d1559fd52c1bc5685349bdc75399031c472d1

  • SHA256

    b1e62cecdf705a662dc9638e12d238378e2775d75b3aa63a01552dee8d5da346

  • SHA512

    65469383f280f8c9e0a47724714754ec11ad3898bc3e3bd0072ee5fdb3d940741392d21df56e6f960b6e3d13ea86b4695653a3e9a476bfb40dd08263c17acf2b

  • SSDEEP

    3072:U5MAV02Ri1/QlWJb317O5q1nC9zuUJ4MhjjwrXVNov5JSp8Bb8EG:MMAV02Y16ibVEq44UJ4BTVNo98EG

Score
10/10
marsstealerdefaultstealer

Malware Config

Extracted

Family

marsstealer

Botnet

Default

C2

54.159.203.55/Nihuya.php

Targets

    • Target

      dd91fd8e2acbff3a3af96b83dce88775.exe

    • Size

      159KB

    • MD5

      dd91fd8e2acbff3a3af96b83dce88775

    • SHA1

      2a0d1559fd52c1bc5685349bdc75399031c472d1

    • SHA256

      b1e62cecdf705a662dc9638e12d238378e2775d75b3aa63a01552dee8d5da346

    • SHA512

      65469383f280f8c9e0a47724714754ec11ad3898bc3e3bd0072ee5fdb3d940741392d21df56e6f960b6e3d13ea86b4695653a3e9a476bfb40dd08263c17acf2b

    • SSDEEP

      3072:U5MAV02Ri1/QlWJb317O5q1nC9zuUJ4MhjjwrXVNov5JSp8Bb8EG:MMAV02Y16ibVEq44UJ4BTVNo98EG

    Score
    10/10
    marsstealerdefaultstealer

    • Mars Stealer

      An infostealer written in C++ based on other infostealers.

      stealermarsstealer
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks