Behavioral task: behavioral1
Sample: 4dc2d57d9db430235b21d7fb735adf36.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 4dc2d57d9db430235b21d7fb735adf36.exe
Resource: win10v2004-20230221-en
General
Target: 4dc2d57d9db430235b21d7fb735adf36
Size: 2.8MB
MD5: 4dc2d57d9db430235b21d7fb735adf36
SHA1: 98bf3080a85743ab933511d402e94d1bcee0c545
SHA256: 4d2fb518c9e23c5c70e70095ba3b63580cafc4b03f7e6dce2931c54895f13b2c
SHA512: 837580120f693d8e0bfff57fe206584a9e256db57dbcd1c4359696e8a768e001838f6db5ee0f98a15acd23070e45340532b8e8cd2d16596547a7fd0d00a87678
SSDEEP: 49152:1+axysYC6syUkoPaPS2AJNyxUP7k/Tq24GjdGSaHwIw+W7SC6nVQcQ/BA8:atClVkoOSfJNAUzEjdGSdKNmA
Malware Config
Extracted
stealerium
https://api.telegram.org/bot5894962737:AAHAFZnz2AkLAyHC0G-7S2je9JMWWLJHGsU/sendMessage?chat_id=5661436914
Signatures
Stealerium family
Files
4dc2d57d9db430235b21d7fb735adf36.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 2.8MB - Virtual size: 2.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ