e72eb9d920c4df03db89207fa851b8b1c65dab237ca227fe862267d767e1ab48

Sharing

Copy URL

Twitter E-mail

General

Target

Stealerium.zip
Size

2.0MB
Sample

221121-2jm2aadd6y
MD5

51a641e5e150186fa9fa7c848262fa39
SHA1

dca19f22cf6eacc1defacd9e80cf1009580270cc
SHA256

e72eb9d920c4df03db89207fa851b8b1c65dab237ca227fe862267d767e1ab48
SHA512

02629917b29ee5f5343aadcb81f6086d4c4a3dc09147dd1efa351416562f108bb361e6907889e6946eb289985029fe4849a0411e337fbceb907e9d9806a367bf
SSDEEP

49152:jpoXiAu/KSwV6Bl2JZtJPyYlzqe07Zcu9XSEz+nVSVkCKmFBIr9u9u:jm1u/wVjtUOzN07r+nQwUgu8

Score

7^/10

microsoft phishing

Malware Config

Targets

- Target
  
  Stealerium.zip
- Size
  
  2.0MB
- MD5
  
  51a641e5e150186fa9fa7c848262fa39
- SHA1
  
  dca19f22cf6eacc1defacd9e80cf1009580270cc
- SHA256
  
  e72eb9d920c4df03db89207fa851b8b1c65dab237ca227fe862267d767e1ab48
- SHA512
  
  02629917b29ee5f5343aadcb81f6086d4c4a3dc09147dd1efa351416562f108bb361e6907889e6946eb289985029fe4849a0411e337fbceb907e9d9806a367bf
- SSDEEP
  
  49152:jpoXiAu/KSwV6Bl2JZtJPyYlzqe07Zcu9XSEz+nVSVkCKmFBIr9u9u:jm1u/wVjtUOzN07r+nQwUgu8
Score

1^/10
behavioral1
- Target
  
  Builder.deps.json
- Size
  
  1KB
- MD5
  
  c08654c444bdf1cba630e6c7b3d9e20e
- SHA1
  
  c85db15540bbee453e22f0d367f19cd8892e9764
- SHA256
  
  91d6e23c3aba1d4f9725275c32257b9a272f07e5d761446499561415158ffbd3
- SHA512
  
  e4412f28f54bcc42ade8f009adfeba01868ac84b67aed668853ec39e920dfe166ea71badc1cda8c2fb974855906f8152672ce08b36d387ba62a5d9a1a3fdf020
Score

3^/10
behavioral2
- Target
  
  Builder.dll
- Size
  
  13KB
- MD5
  
  d70e30839037f4d680d1796af6c7cba2
- SHA1
  
  590abe950e12862f4512e59f380a45b8cddc4eb9
- SHA256
  
  1aa1e67828a71392d9fdccb43990b9a856798689e6662d212eaafebc4cb18f19
- SHA512
  
  b6076c96ed2d993fee6fb0abe983707d77be36f9c191c519cd03863b88e500920054fd16cdca00a2669d927bdd2d5e903b6426ed0073e9a0b9877dfc5b68c392
- SSDEEP
  
  192:W6v5XdnAGznQJ3ZD1MuBcj1RgUyqAakTslfV4OTsFLvCNg9+bpkRpdTlxFZTaE:W6/AMQRJ1W1RgU7AaWsLsFIgTTy
Score

1^/10
behavioral3
- Target
  
  Builder.exe
- Size
  
  145KB
- MD5
  
  0811626b7adf6455106e6ef9965af9ae
- SHA1
  
  93377904329548d4984ce49384f90ee57210edeb
- SHA256
  
  ad07837e851a65f21b6516ada739ba5b11926965ef7dd2f9423d4e12601335af
- SHA512
  
  bdfd0ae70f18f152ade3e19d1cd0349fba21a0253a8527ec1f9b33f08c0ca5dab0801a4d75f31d114d630e9087fabfa1fcf4dd033cedf305d48d9164a1a3e332
- SSDEEP
  
  3072:9wLEVbLoEZljy9611VBzEkjqr15MX7aSJJiGmp:9RXy9611VBzwU2S/iGm
Score

1^/10
behavioral4
- Target
  
  Builder.pdb
- Size
  
  12KB
- MD5
  
  85b0cdf72bf151b0957ad12e79f7b651
- SHA1
  
  70fe3e8d2f8938538328d55211840cb8329d4be4
- SHA256
  
  e5abc31b9c3898be3e90927a9e3c9ee8bbb00df43eaeeb8b388fa97d09cada28
- SHA512
  
  bd0fa81d5c1ff9c3846e245df35ddaae2c792f07dc2bb0e023ecc95b2a2edfce5e5101646d6996ca4fe324779da8f581c9e199b96b8d6a4833ff8ef15082eba0
- SSDEEP
  
  384:rSd4ZZ/TfNaYq3X6QVBmKxWsfisY2mgHdafG4VuMOXqz0ZHucV0aU:rSd4kt5RYk9qUU
Score

3^/10
behavioral5
- Target
  
  Builder.runtimeconfig.json
- Size
  
  253B
- MD5
  
  24e4653829de1022d01cd7ddd26e2f22
- SHA1
  
  9160a009cb381e044ba4c63e4435da6bfeb9dc6d
- SHA256
  
  ded3aeb5856a11db0b654a785574490cab55839ebfb17efe9e39b89618fc5b91
- SHA512
  
  efd4bbba1baec0b47003831510e3aa539db9ef468e0f06ba9d7ba6d0b3800035f7c818d7d90171bfd377ec97d08c4617555bcff635dd83efceb412b1a9cca820
Score

3^/10
behavioral6
- Target
  
  Mono.Cecil.Mdb.dll
- Size
  
  38KB
- MD5
  
  0c4ec4eb146bfe047755669c8060a967
- SHA1
  
  f663cc3bc174a98a49893e0cf334b479b05e453d
- SHA256
  
  61637f9940e5e336571cbf945be0f36d6d6050e06288df0f0232d93b26f0bde7
- SHA512
  
  478dba76de5b20906a31f2ff72a559779a262abe0265d475aa60d555d4f94f79887f237f393f256134be758d565aa46b30a39e81b23e1f3048fc80ab779405af
- SSDEEP
  
  768:WrF3HuZyOt78PeWSTlNeyJOgfGNOV/DVxPVxaCCrHpTFuYL4oWp:WrFecOt78PeWCLOgfGkVzmpTDL4oWp
Score

1^/10
behavioral7
- Target
  
  Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  743102d277a8754dc74f7644e03a8956
- SHA1
  
  31971747d45f995bc8d05c26c728df293a074db6
- SHA256
  
  a5249a04ad8fd7dfd47e4d0a620aed0f7eb6051e1ddec102c541ca3e12f6e2a8
- SHA512
  
  00bb76043a3a147b570e0421f768a2f2238954922c45c611d10d8fd4a1f8ba56da8a7b7377facfe54ff6dbee2d81be87c0d6e3de9e884625697ae478a82677e9
- SSDEEP
  
  1536:QOTXdiVgzDKG2fNRck9FRcXRHr5vMALYKXNgJGsZ9ajr1vjCXev:TT0W2fjvm9uArWJGca31veXev
Score

1^/10
behavioral8
- Target
  
  Mono.Cecil.Rocks.dll
- Size
  
  24KB
- MD5
  
  fe8c2b2eef6e5e7284dc9b522a7be468
- SHA1
  
  8779911266ea9bfea924aad33a7e1c7855f41857
- SHA256
  
  273292babd45f9f34de5054bd9cdfe1d859a7dbf6f4ad5974fe4ead70698ed5b
- SHA512
  
  b78f759568fa5ce77f87db6f02688493877ced8c9b289934c6adc95db5581d3ebc858092c650a47d5d7eb44c2dd2ed01a8491930acd8173d45f777285d0990ab
- SSDEEP
  
  384:aWLOZBsQXmnFlPQnqc9H559krjuVXcVXD9PmROMLUBLMWG1UX8JvbrjEZ1O/pl+1:5aQHP+qcbkrjuROoUBBLXA/AS
Score

1^/10
behavioral9
- Target
  
  Mono.Cecil.dll
- Size
  
  348KB
- MD5
  
  7c40214d60b54749a1a7f79ea6f62bac
- SHA1
  
  a240d705b52fb1a78cceedab268db42cbeb47512
- SHA256
  
  769a59793d4b8885bbbfbc5aee8f57a0d4e34d275c56c60c03994309b87f67e9
- SHA512
  
  66a489988d15f1c651061656703b6fb03c4c6ebe82bcb0d48246c760e3764e4a7f2ad8d1653c90401fba6aa9974586d36256ad3a47e1112c1f38488a8818ab92
- SSDEEP
  
  6144:NimznQ2nMpRAX2diEIn5o4gcuomZSFrIb:XnB2EELcu0Fr
Score

1^/10
behavioral10
- Target
  
  Spectre.Console.dll
- Size
  
  794KB
- MD5
  
  2a47203be983f3dac02c9df64550a25d
- SHA1
  
  d728230fe3cbb43b5cab7ddb6e018ec22955e766
- SHA256
  
  842fd97e58fbbac48ccdda0e575b14a1b8af75c42ef87911fddfeda5b7bdbbc5
- SHA512
  
  89e969397a32e743b34037998435b16cfa35475ea1898ba495a3e9cfa33022fd6482678d497a962362fd0203d454893b53fa0cdebce44a0c6ccea538b3c02c35
- SSDEEP
  
  12288:KbiZiRA2wChnq791r++f7lWv+YnPXNKCiQGCniCUzSN:XZklnm911CPdKCiQ9nN
Score

1^/10
behavioral11
- Target
  
  Stub/stub.exe
- Size
  
  1.5MB
- MD5
  
  cd57f9b56a059ce65666c2ee267f1f2a
- SHA1
  
  e1c2e55dfcacf1605fa3f75b81d05bde25986aa6
- SHA256
  
  f74dc7d939e1a44cd57d25d28e57c41a95e7080098bc1b37118ef8f51f6e2e36
- SHA512
  
  fa91e2b2bbddd9016d9f02dc6db33482aa3707db1596236f5cbe00837ba87926801f1ff1ce302e6eb3e2ad0fa8a528e7a9256e34ca1ee2249d6ef12c17d8408d
- SSDEEP
  
  24576:7oi2Q9NXw2/wPOjdGxYqfw+Jwz/S/6RZs8nVW6k5JHkARt7DBAqnH:73Tq24GjdGSgw+W7SCRnVQTEQ/BA8
Score

7^/10

microsoft phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral12
- Target
  
  Stub/stub.exe.config
- Size
  
  793B
- MD5
  
  cd52ad3158002d8376637a5b4909a735
- SHA1
  
  1d34f091bc5dd62a05428fe134a9213d8c96d561
- SHA256
  
  0cae75bafe339fe7ee95f32b826ecdaa6777cd2994e48b02e32be0d5df460cc0
- SHA512
  
  ce2e2d9054827d92a86b7cf44ff191516e96e9774f550e4a1d653da3176d0486054048a5bfbbc430eef8dad2043170c0b5cd1536864da82551cac0b5e65440b7
Score

3^/10
behavioral13

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Detected potential entity reuse from brand microsoft.

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13