General
-
Target
c377fdcf9f0d884cabad4fb1199d57ff.exe
-
Size
717KB
-
Sample
230206-kxq7esgc5z
-
MD5
c377fdcf9f0d884cabad4fb1199d57ff
-
SHA1
e9ef68bc310f66d191723a7c05bd27d07e137fca
-
SHA256
97a1699cdcc0f5620e224c3269da0909acbf769b84cc8b3696fb2f68b1cd5bdf
-
SHA512
0b5dd28c3642d7a83bd441c3a5ed9d3478517ef72e803321d97f1d3ec17dd31db5f521cf94394af1acaa58ac3c058fb5f18be12f11c7e12356da6ea74ebd505a
-
SSDEEP
12288:LXcqhWkdzkMWzcw9OsOSsyRvy1u7kqtf2ssp2JcPpHL4JiV8qGV3wGa7Y8vh4HZI:LXc/SzGzc8OsO9yRvlD2ssp2eRHksiG5
Malware Config
Targets
-
-
Target
c377fdcf9f0d884cabad4fb1199d57ff.exe
-
Size
717KB
-
MD5
c377fdcf9f0d884cabad4fb1199d57ff
-
SHA1
e9ef68bc310f66d191723a7c05bd27d07e137fca
-
SHA256
97a1699cdcc0f5620e224c3269da0909acbf769b84cc8b3696fb2f68b1cd5bdf
-
SHA512
0b5dd28c3642d7a83bd441c3a5ed9d3478517ef72e803321d97f1d3ec17dd31db5f521cf94394af1acaa58ac3c058fb5f18be12f11c7e12356da6ea74ebd505a
-
SSDEEP
12288:LXcqhWkdzkMWzcw9OsOSsyRvy1u7kqtf2ssp2JcPpHL4JiV8qGV3wGa7Y8vh4HZI:LXc/SzGzc8OsO9yRvlD2ssp2eRHksiG5
Score10/10-
Matiex
Matiex is a keylogger and infostealer first seen in July 2020.
-
Matiex Main payload
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-