erbium | 320768f639fab3b6d3832c460fabb34f6938156af39421d94ce1bc9037bd0757 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

MetaLauncher.exe
Size

2.5MB
Sample

221017-hcmbmaahb8
MD5

adb6a392e4b6ca068c380bdac98b2522
SHA1

b6e1318fbeba0e0deb7e31f4041fb4dd72e83701
SHA256

320768f639fab3b6d3832c460fabb34f6938156af39421d94ce1bc9037bd0757
SHA512

ea82b34649beeceab7d637bd7f49a0ee8ade5d45a283233f1f6260cc163e8dc88d29f481def496be387a805309f83b37ba5a6e7f46eaa5cfa3fcc931f9b5ccd5
SSDEEP

24576:y+JbPh21BFO9OVVCsjYyYpwykl36WMCMdXBN4ZO7T1qhfHeHLMlhvMTTw5l3RuQj:Jxpqe9sVCSQjBqhfHeHYlhG05l3D

Score

10^/10

erbium stealer

Malware Config

Extracted

Family

erbium

C2

http://77.73.133.53/cloud/index.php

Targets

- Target
  
  MetaLauncher.exe
- Size
  
  2.5MB
- MD5
  
  adb6a392e4b6ca068c380bdac98b2522
- SHA1
  
  b6e1318fbeba0e0deb7e31f4041fb4dd72e83701
- SHA256
  
  320768f639fab3b6d3832c460fabb34f6938156af39421d94ce1bc9037bd0757
- SHA512
  
  ea82b34649beeceab7d637bd7f49a0ee8ade5d45a283233f1f6260cc163e8dc88d29f481def496be387a805309f83b37ba5a6e7f46eaa5cfa3fcc931f9b5ccd5
- SSDEEP
  
  24576:y+JbPh21BFO9OVVCsjYyYpwykl36WMCMdXBN4ZO7T1qhfHeHLMlhvMTTw5l3RuQj:Jxpqe9sVCSQjBqhfHeHYlhG05l3D
Score

10^/10

erbium stealer
- Erbium
  Erbium is an infostealer written in C++ and first seen in July 2022.
  stealer erbium
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3