Extracted

• • Target

    svshosts.exe

  • Size

    159KB

  • MD5

    0468aeb5cdadca0da63cb44b88ec4ca4

  • SHA1

    90649e464438b5519683253bce862b576a61a67e

  • SHA256

    7ffb1aa685c2c01dff9ccf00d7fcec0be8699e79a55837ad6d8d1997afe9f22a

  • SHA512

    d6339860a625cef9d8702e6ad8e196d6d96574c61f2192b083a313da9ca6060c690de381ffe1fc2877dac89be6320b758aa792814a67c572d8990d200c5549be

  • SSDEEP

    3072:UpxUyGSzNlhedcQlM9DxxyvRhFBnSrbHRXdZczYXhVcsd4fxEvLJSp8Bb8EG:CSSz3qAyvRh3nSrbH1wzijcUOxkH8EG

  Score

  10^/10

  marsstealerdefaultdiscoveryspywarestealer

  • Mars Stealer

    An infostealer written in C++ based on other infostealers.

    stealermarsstealer

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1