Static task
static1
Behavioral task
behavioral1
Sample
stealer30.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
stealer30.exe
Resource
win10v2004-20220901-en
General
-
Target
stealer30.bin
-
Size
373KB
-
MD5
70d717a07a6df0db8fa222a5719c1ccd
-
SHA1
71dd5d3f838e2f869cca3aaf186c60aeb05bd682
-
SHA256
4acc7393b942c7c331ef0d08dc20000177adbe93f7a5202af14735b148c432f7
-
SHA512
cd83260c5b5891815907fb8b18383d8428c7d77a5c8af0556aaa8036e7dc2026c1e268506df86385dc8a2cb7d776b700b638adbf79b4d393a331b6d6e85cb250
-
SSDEEP
6144:wsNJZA19r/SpqYYn/70nFIyUveIh6i2AgVv0Io9J:b/i9T07YD0XF+n
Malware Config
Signatures
Files
-
stealer30.bin.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
48:07:45:b7:d0:99:51:bf:43:ce:26:88:73:41:e2:41Certificate
IssuerCN=Brave LLCNot Before04-02-2023 11:45Not After05-02-2033 11:45SubjectCN=Brave LLC7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12-01-2016 00:00Not After11-01-2031 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before23-12-2017 00:00Not After22-03-2029 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
bc:d5:6b:50:24:e9:f7:26:b7:97:07:8a:58:30:1b:bc:bf:26:8b:95:65:9c:8c:f0:14:92:50:eb:2e:1f:85:47Signer
Actual PE Digestbc:d5:6b:50:24:e9:f7:26:b7:97:07:8a:58:30:1b:bc:bf:26:8b:95:65:9c:8c:f0:14:92:50:eb:2e:1f:85:47Digest Algorithmsha256PE Digest MatchestrueSignature Validations
TrustedfalseVerification
Signing CertificateCN=Brave LLC05-02-2023 04:52 Valid: false
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 206KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ