General
-
Target
IGReport Bot.rar
-
Size
19.3MB
-
Sample
230220-ycq8ksdh8t
-
MD5
1b22198369717162112830262c689312
-
SHA1
52891299291d7eb1db43c12b55146572088e769b
-
SHA256
b80969db6d1521216f024392a0a3a0019f8099d7bf37e1b51e11beab369cd9ec
-
SHA512
3f23ea33d511efe5e0db4e677b4f44127524151e4377277ec6749dc9ecf851ffeea134e7cd61e14a9409d7fa23c1413d9cb709b6226fda8c9444afccadb1cf3e
-
SSDEEP
393216:gcaCkcyo1X9E3Y1rpi94oyVkuC0IrsIeSgx2ngeh8BFJfXvCe82aLgL+gLtGTw/j:gOkfo43Y1Q9EVMrq2ngbFRXvCHgHtG2
Behavioral task
behavioral1
Sample
IGReportBot.exe-pp.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
IGReportBot.exe-pp.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
REQUIREMENTS.bat
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
REQUIREMENTS.bat
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
chromedriver.exe
Resource
win7-20221111-en
Behavioral task
behavioral6
Sample
chromedriver.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
utils.exe
Resource
win7-20220901-en
Behavioral task
behavioral8
Sample
utils.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
IGReportBot.exe-pp.exe
-
Size
1.2MB
-
MD5
b81ef2de054f66f32134aa0e22bf65cb
-
SHA1
453007c031021b9b270e0a16ccd16b5eb96af273
-
SHA256
a3a5a06c291f9728fa1be3520e753cbe8a115b7383f27e9c4582806d2d78e5a5
-
SHA512
d3bb9a328bc9e4e753fc649b2b3488b95cdb6131f0dbc124e1ffb658ad3abca724de2e6737c5ec3f889b55f5cb31d1545ca258b8d0e8bea9ca2421c7523a894a
-
SSDEEP
24576:pEaH68R3DIgNZLc145cFoSXyr6KcsgAK7cm4lcU+TVd4Ht9ofX:p5HHpNFaoS8SVjhTVd4gP
Score10/10-
ElysiumStealer
ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
-
ElysiumStealer Support DLL
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
-
-
Target
REQUIREMENTS.bat
-
Size
273B
-
MD5
045fe8f298f119e274b62d49d40499b5
-
SHA1
4749cbd55576201e6d1a8cd04d4ed417b75b1027
-
SHA256
4e46299b7c3bea59bff5b59dd7165b7965c70730d69b06ad9b8e85075f0ba2c1
-
SHA512
1a2dccbdbd9155a62ea7e4d655ebceb87ddef2d6b69d97d56bad97552a674bcd6564117300102b9048eacd0cd6e5becb959922444b4412625a71ff0f8112cf9e
Score1/10 -
-
-
Target
chromedriver.exe
-
Size
9.2MB
-
MD5
d0b5b7fc6b2a78d7b01806ccf0eca224
-
SHA1
6ab774ef3a681ecfe601f62522e19846050cebd4
-
SHA256
0986fa1d2b07f3c755b84bc50d8115a09f246bf2d30bc1b850b957bc394fad53
-
SHA512
a995b75e89a737383450c6e1e51dfa58ae17b6bcf0d9544e79d64354f960ec23980b3ed98ad0527d065f625d55bc75d546af67c91ffb0711729348f0b4f969cb
-
SSDEEP
98304:pfQOA0IYCD/OJWhS2uxgd+ZdeN6666666666666666666666666666666x66666:pfUpmzxgBnah7xh5OoXD/JJSDL
Score1/10 -
-
-
Target
utils.key
-
Size
14.2MB
-
MD5
e32e886d38d3f491f7a2e5165445219e
-
SHA1
7b643c9e66043b35982e62c789ea07822a706e3a
-
SHA256
b67229c705c1b136bfb6c9bd004bb620a7e5e37f267293e389959edca898bd80
-
SHA512
bfc0a98b9cc3b6bc95b07d91a20e18e4e1f276414c1daffff585ae0433a3f94e0ea4afd8c52a4a49f02054961fb9a17ca4b5d2e7948d0013c8d9e200aea7ad1a
-
SSDEEP
393216:GdB9c5hlER35ShR4uw7MRFJzFcguH3tN3ZW7CNfWVE:GZEhkpQ2HqCtN3+CN
Score7/10-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-