elysiumstealer | ef8010f9799ccfe1aa10b6d850f6113835240dca7611727b0bd185994a2e8957 | Triage

Sharing

General

Target

ef8010f9799ccfe1aa10b6d850f6113835240dca7611727b0bd185994a2e8957
Size

5.8MB
Sample

230129-y456tabh95
MD5

0fb52d94f12d8c6ed4e116f06016a84f
SHA1

e75dc58e57e2fe0714e65675fb1c506cbc95098f
SHA256

ef8010f9799ccfe1aa10b6d850f6113835240dca7611727b0bd185994a2e8957
SHA512

8f83f0c90c7b30b5c8259ed3d5b5c15090257d46136d8331a115a07429d7f15bf71e202c26068f87783ce4ba7321805cfe06de8bd4185e9caf62b3ead48a28c1
SSDEEP

49152:rnuZCESFabY/wd3n2AWI/9LM7vdbHJ9nltOejmnim58P2i4aQ5pTyUG6MJa3sU4W:rnQCdFaU/EZ7/CDdbrlFmim58O6aLBj

Score

10^/10

elysiumstealer persistence stealer

Malware Config

Targets

- Target
  
  ef8010f9799ccfe1aa10b6d850f6113835240dca7611727b0bd185994a2e8957
- Size
  
  5.8MB
- MD5
  
  0fb52d94f12d8c6ed4e116f06016a84f
- SHA1
  
  e75dc58e57e2fe0714e65675fb1c506cbc95098f
- SHA256
  
  ef8010f9799ccfe1aa10b6d850f6113835240dca7611727b0bd185994a2e8957
- SHA512
  
  8f83f0c90c7b30b5c8259ed3d5b5c15090257d46136d8331a115a07429d7f15bf71e202c26068f87783ce4ba7321805cfe06de8bd4185e9caf62b3ead48a28c1
- SSDEEP
  
  49152:rnuZCESFabY/wd3n2AWI/9LM7vdbHJ9nltOejmnim58P2i4aQ5pTyUG6MJa3sU4W:rnQCdFaU/EZ7/CDdbrlFmim58O6aLBj
Score

10^/10

elysiumstealer persistence stealer
- ElysiumStealer
  ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
  stealer elysiumstealer
- ElysiumStealer Support DLL
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

elysiumstealerpersistencestealer

behavioral2

elysiumstealerpersistencestealer