matiex | 56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232

Analysis

max time kernel
1s
max time network
31s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
06-05-2023 23:59

Target

20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe
Size

5.0MB
MD5

c21d96eb8a9e9ecad75a400108c697cc
SHA1

5072be679c8d9865fcb965a25d10988493cc2e33
SHA256

56a2b327c8405acce397302e6af14dc34a561627056f1ff4d88adbdd8f64a232
SHA512

c9fa9a61749af46e29cd64bed197639fb11eda7424fd8f1b621c7bc60ac16f31cc55976bc0a907ab867e37845007c0a30b10c89cccd68fd731b3c588bff20f07
SSDEEP

49152:9Gbf5gfKJu0zf4R+oUN+edPTPR5Y0Pf/deh/1XwshSLGI/trdxblHK:KFlRm01+j0BA

Score

10^/10

Matiex
Matiex is a keylogger and infostealer first seen in July 2020.
stealer keylogger matiex

Matiex Main payload 1 IoCs

resource	yara_rule
behavioral1/memory/916-54-0x00000000010D0000-0x00000000015D01E0-memory.dmp	family_matiex

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Snake Keylogger
Keylogger and Infostealer first seen in November 2020.
stealer keylogger snakekeylogger

Snake Keylogger payload 1 IoCs

resource	yara_rule
behavioral1/memory/916-54-0x00000000010D0000-0x00000000015D01E0-memory.dmp	family_snakekeylogger

xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
miner xmrig

XMRig Miner payload 1 IoCs

miner

resource	yara_rule
behavioral1/memory/916-54-0x00000000010D0000-0x00000000015D01E0-memory.dmp	xmrig

C:\Users\Admin\AppData\Local\Temp\20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe
"C:\Users\Admin\AppData\Local\Temp\20230425c21d96eb8a9e9ecad75a400108c697ccalinaaspxspycerbercobaltstrikedarkcometderusbidridexinceptio.exe"
1⤵
PID:916

memory/916-54-0x00000000010D0000-0x00000000015D01E0-memory.dmp

Filesize
5.0MB

Download