Overview

overview

10

Static

static

007556d5a7...ff.exe

windows7-x64

1

007556d5a7...ff.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    007556d5a71f6dd74f0b5a9778cf31ff.exe

  • Size

    476KB

  • Sample

    230112-sf7f3sgd46

  • MD5

    007556d5a71f6dd74f0b5a9778cf31ff

  • SHA1

    ada81ef2208703f22b1fe99f7342927bc9640dd6

  • SHA256

    e24d753b84d8ca4411b4157a300baea0e41cfdb04e6f0bb437b4273110f89d53

  • SHA512

    9cbe5768e5b9c86cc4b8ed7f55122747acbe828ac295831082e793eaa76ab6cf169602a7fa28355ebec6b8722d2abbec634c33d148c93f456fa5a13d317769d2

  • SSDEEP

    12288:5js193PQAW630ZwDAiu/7mmtfOD6IybGr2XTd:5bL630ZhZz1tfYTyboM

Score
10/10
matiexcollectionkeyloggerstealer

Malware Config

Extracted

Family

matiex

Credentials

  • Protocol:     smtp
  • Host:
    srvc13.turhost.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    italik2015

Targets

    • Target

      007556d5a71f6dd74f0b5a9778cf31ff.exe

    • Size

      476KB

    • MD5

      007556d5a71f6dd74f0b5a9778cf31ff

    • SHA1

      ada81ef2208703f22b1fe99f7342927bc9640dd6

    • SHA256

      e24d753b84d8ca4411b4157a300baea0e41cfdb04e6f0bb437b4273110f89d53

    • SHA512

      9cbe5768e5b9c86cc4b8ed7f55122747acbe828ac295831082e793eaa76ab6cf169602a7fa28355ebec6b8722d2abbec634c33d148c93f456fa5a13d317769d2

    • SSDEEP

      12288:5js193PQAW630ZwDAiu/7mmtfOD6IybGr2XTd:5bL630ZhZz1tfYTyboM

    Score
    10/10
    matiexcollectionkeyloggerstealer

    • Matiex

      Matiex is a keylogger and infostealer first seen in July 2020.

      stealerkeyloggermatiex

    • Matiex Main payload

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks