General
-
Target
tmp
-
Size
1.6MB
-
Sample
230419-tbnc3sbe97
-
MD5
58a7ffe33179e60d0a37afc80ca46fc3
-
SHA1
d6b9dba63aef8fa8c1503a141b1b8274dbaa958a
-
SHA256
295785d6f8e6f7523aff068eb6736261cfce089dc75433a1f99e50a140590c7c
-
SHA512
d591682ca883921fc1969e9b5c5432d7f1b67c199c5ccfa7b5cc012f8d67f97ca5681fb3556da33052bbe52c1a339a4e1c3f00ede1a009eda7c036dc29b6b9c2
-
SSDEEP
24576:8o2i2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgLO:9Tq24GjdGSiqkqXfd+/9AqYanieKd
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1096686747783548989/p73pJdSdXzANvQp84S7OHKkUpsHBd6TIRxJrHwMb9PwP-wbx2n3G8QD0zp6AXPvv1ZaF
Targets
-
-
Target
tmp
-
Size
1.6MB
-
MD5
58a7ffe33179e60d0a37afc80ca46fc3
-
SHA1
d6b9dba63aef8fa8c1503a141b1b8274dbaa958a
-
SHA256
295785d6f8e6f7523aff068eb6736261cfce089dc75433a1f99e50a140590c7c
-
SHA512
d591682ca883921fc1969e9b5c5432d7f1b67c199c5ccfa7b5cc012f8d67f97ca5681fb3556da33052bbe52c1a339a4e1c3f00ede1a009eda7c036dc29b6b9c2
-
SSDEEP
24576:8o2i2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgLO:9Tq24GjdGSiqkqXfd+/9AqYanieKd
Score10/10-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-