General

  • Target: virus1.exe
  • Size: 1.6MB
  • Sample: 230503-et73wadf43
  • MD5: f81b231542b3920b330a62b781b9c8d2
  • SHA1: 10114c273be842a22b84da646f7c70619b40e3a0
  • SHA256: cd1a7450a8fdf0fb2ec37063706df6fe2b43977061a4645b439b3897c392c783
  • SHA512: 0d6ceb8feeecdf034715963bff52c7c4d43250ccee74141e615c271e1e0aaabe29788ea4e1ca57ec458eed7dffec07b8ce0125acf2224293373792832193d71e
  • SSDEEP: 24576:we88i2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgL5:MTq24GjdGSiqkqXfd+/9AqYanieKd

Score
10/10

Malware Config

Extracted

  • Family: stealerium
  • C2: https://discord.com/api/webhooks/1094420775471169576/jxQtxV_Bl1bMK-9wE5tT-CcGZvhMCx0_SaP7mvCGLnEJ7bSWHVSJsXTEvjQcZTZVpPqZ

Targets

    • Target

      virus1.exe

    • Stealerium

      An open source info stealer written in C# first seen in May 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2
