elysiumstealer | 91bdfb83ede4a0a0da3a0d57ecdc4471ed2de0a5e07d22d13fd52d36d8f45f7d | Triage

Sharing

General

Target

91bdfb83ede4a0a0da3a0d57ecdc4471ed2de0a5e07d22d13fd52d36d8f45f7d
Size

5.8MB
Sample

230129-y5g6daca23
MD5

a94aaf22298f13ed6b00953991848b98
SHA1

aee596cf8c3614d2e6e132f67fcc7076359a34a5
SHA256

91bdfb83ede4a0a0da3a0d57ecdc4471ed2de0a5e07d22d13fd52d36d8f45f7d
SHA512

fe8fb6e01736dd0aa409ceaad42894d9affa090d52672f70d9cfbf3c8f15b358ccb6a16ba6da7d473520a1478db6c13d44ac15f33c6b67f076350fb018dc4c48
SSDEEP

98304:HnQCdFaU/EZ7/CDdbrlFmim58O6aEB6BL:HQCdoU/e7/mdbBJm58

Score

10^/10

elysiumstealer persistence stealer

Malware Config

Targets

- Target
  
  91bdfb83ede4a0a0da3a0d57ecdc4471ed2de0a5e07d22d13fd52d36d8f45f7d
- Size
  
  5.8MB
- MD5
  
  a94aaf22298f13ed6b00953991848b98
- SHA1
  
  aee596cf8c3614d2e6e132f67fcc7076359a34a5
- SHA256
  
  91bdfb83ede4a0a0da3a0d57ecdc4471ed2de0a5e07d22d13fd52d36d8f45f7d
- SHA512
  
  fe8fb6e01736dd0aa409ceaad42894d9affa090d52672f70d9cfbf3c8f15b358ccb6a16ba6da7d473520a1478db6c13d44ac15f33c6b67f076350fb018dc4c48
- SSDEEP
  
  98304:HnQCdFaU/EZ7/CDdbrlFmim58O6aEB6BL:HQCdoU/e7/mdbBJm58
Score

10^/10

elysiumstealer persistence stealer
- ElysiumStealer
  ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
  stealer elysiumstealer
- ElysiumStealer Support DLL
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

elysiumstealerpersistencestealer

behavioral2

elysiumstealerpersistencestealer