erbium | 69e4e2718b501160ab05c876598a1c5e8cf92c2a1f03b9f2119abccc4dda9c2d | Triage

Submit
Reports

Overview

overview

Static

static

101c37f510...a5.exe

windows7-x64

101c37f510...a5.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

8097417003.zip
Size

134KB
Sample

221018-tcxm5sgfer
MD5

027fa8112c63a378c551115e71ab2eec
SHA1

8cb13b4a88343159f1fdc216cdcf4fb09692792d
SHA256

69e4e2718b501160ab05c876598a1c5e8cf92c2a1f03b9f2119abccc4dda9c2d
SHA512

fee7257c24e5442f19c27d60b8aacaf7e3a072a822cc3bde32be3ae3163952c5377e43ffdaab461fedc25c6a20ec1685ec27da84c5d8746ef8378722a091f2e2
SSDEEP

3072:9Em98FzCzgSBwsjx/fOCKrMMC1MPijillJrmxyJn:96Fm4sj1mCKH6MPiji0qn

Score

10^/10

erbium stealer

Static task

static1

Behavioral task

behavioral1

Sample

101c37f51058c2da345c945bf25c9a9f5fd5de8eba98749050e920eac5c93fa5.exe

Resource

win7-20220812-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

101c37f51058c2da345c945bf25c9a9f5fd5de8eba98749050e920eac5c93fa5.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

erbium

C2

http://77.73.133.53/cloud/index.php

Targets

- Target
  
  101c37f51058c2da345c945bf25c9a9f5fd5de8eba98749050e920eac5c93fa5
- Size
  
  236KB
- MD5
  
  c0cc624641800fe75cba37a1be49be6a
- SHA1
  
  11dee27919eed609a0f0604c724f5ea69bd5cb42
- SHA256
  
  101c37f51058c2da345c945bf25c9a9f5fd5de8eba98749050e920eac5c93fa5
- SHA512
  
  6af392d86cd73d6fd9afd65ca88eb550173eafd56c61e6a9fc47fa6f91e0d4a8ee0bc607fe2e8fa604b4d6d6498c1f46d440974d06cd724bbbd9e928fa9c95f4
- SSDEEP
  
  6144:jj1K7XyVTg6DV75cWdmrEfFd5BBB2BBBBUABBBBBBBBBBBBBBBBTaIQAOfDDy84X:o7XyVTDDlPFd5BBB2BBBBUABBBBBBBBX
Score

10^/10

erbium stealer
- Erbium
  Erbium is an infostealer written in C++ and first seen in July 2022.
  stealer erbium
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy