General

  • Target

    bsco-4v4t4r.zip

  • Size

    1.5MB

  • Sample

    230526-x6xrsagg95

  • MD5

    cb25331e1837c7ce6a8c2f327e8d017b

  • SHA1

    a4fee48ae34051c4999806854bf56436a3229a89

  • SHA256

    572e270efb5e0f5fba00ab1a6935193fcab9e88d443f4d542d71a602bb63593a

  • SHA512

    5609b76116fe790fd07eea746e90227a78270509b360cd13e691aae13706843a1c2a58d68f75a765273cd874270fd096e1ea4d86819ca3fd1140dcbdd40c5920

  • SSDEEP

    24576:0wDAsdDAPosUGejJQE6OCCfjZJ7ofL/FYidRxXDxSl/bZjHGuETAlP/PId5a1ObZ:08OPKjDjv7ORYi3xTxmbTOAlP/Pqui

Score
10/10

Malware Config

Extracted

Family

stealerium

C2

https://discord.com/api/webhooks/1098436501517369394/JKCsN0HXfrE6Z1tY-USgbbvMdy8EidwbtI0dVIIjWIpD09R2nXrCi99850bnMqFKyC2a

Targets

    • Target

      bsco-4v4t4r.exe

    • Size

      1.6MB

    • MD5

      c845ab96f7e195e9863395f24657f0cd

    • SHA1

      0368773cf3c71fef84082f2068ffafb3ed5580b3

    • SHA256

      95712d2264e3eb59cae19859ecb0ecab79dbb998189f56c1b697fe5c233d34d6

    • SHA512

      d33b36254a2aeea23f21db8e1a4af17bec355d1840cb03f1892c15afd84c74a8560ea06ed62a2dbf5ffae9047ce2b45e16f18b6b1825ee8c30a30a242e17c9b9

    • SSDEEP

      24576:Si2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgLU:lTq24GjdGSiqkqXfd+/9AqYanieKd

    Score
    10/10
    • Stealerium

      An open-source information stealer written in C#, first seen in May 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check that decides whether to run on the host.

    • Legitimate hosting services abused for malware hosting/C2
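
The extracted C2 above is a Discord webhook, the "legitimate hosting service" the last signature refers to. The following script is an added example (not Triage's output and not Stealerium's code) of how an analyst pulls such a webhook out of a sample and checks a file against the SHA-256 values listed in this report. It searches both raw ASCII and UTF-16LE, because .NET string literals are stored as UTF-16LE in the assembly; the embedded "sample" bytes are constructed here, not the real executable, and assume the URL is present as a plaintext literal.

```python
"""Pull a Discord webhook C2 out of a binary and check a file against the
report's SHA-256 IOCs.  Added example; not Triage's or Stealerium's code."""
import hashlib
import re

# SHA-256 values taken from the report above, keyed to the artifact name.
KNOWN_SHA256 = {
    "572e270efb5e0f5fba00ab1a6935193fcab9e88d443f4d542d71a602bb63593a": "bsco-4v4t4r.zip",
    "95712d2264e3eb59cae19859ecb0ecab79dbb998189f56c1b697fe5c233d34d6": "bsco-4v4t4r.exe",
}

# Webhook URL shape: numeric webhook id, then a URL-safe token.
_WEBHOOK_RE = r"https://discord(?:app)?\.com/api/webhooks/(\d+)/([A-Za-z0-9_\-]+)"
_ASCII_RE = re.compile(_WEBHOOK_RE.encode())
_TEXT_RE = re.compile(_WEBHOOK_RE)


def extract_discord_webhooks(data: bytes) -> list:
    """Return every Discord webhook URL found in data, in order, deduplicated.

    Searches raw ASCII and, because .NET string literals are stored as
    UTF-16LE, both byte alignments of a UTF-16LE decode of the blob."""
    hits = [m.group(0).decode() for m in _ASCII_RE.finditer(data)]
    for offset in (0, 1):
        view = data[offset:]
        if len(view) % 2:
            view = view[:-1]
        text = view.decode("utf-16-le", errors="replace")
        hits.extend(m.group(0) for m in _TEXT_RE.finditer(text))
    return list(dict.fromkeys(hits))


def parse_webhook(url: str) -> dict:
    """Split a webhook URL into its id and token (each is an IOC on its own)."""
    m = _TEXT_RE.fullmatch(url)
    if not m:
        raise ValueError("not a Discord webhook URL")
    return {"id": m.group(1), "token": m.group(2)}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def match_known_hash(data: bytes):
    """Name of the reported artifact whose SHA-256 matches data, else None."""
    return KNOWN_SHA256.get(sha256_hex(data))


# Constructed stand-in for the dropped executable: a fake PE header followed
# by the report's webhook URL as a UTF-16LE literal.  Not the real file.
WEBHOOK = ("https://discord.com/api/webhooks/1098436501517369394/"
           "JKCsN0HXfrE6Z1tY-USgbbvMdy8EidwbtI0dVIIjWIpD09R2nXrCi99850bnMqFKyC2a")
SAMPLE = b"MZ\x90\x00" + b"\x00" * 16 + WEBHOOK.encode("utf-16-le") + b"\x00\x00padding"

if __name__ == "__main__":
    for url in extract_discord_webhooks(SAMPLE):
        print("webhook:", parse_webhook(url))
    print("known artifact:", match_known_hash(SAMPLE))
```

Treat the recovered URL as an indicator to block and report; do not send requests to it from an analyst workstation, since any interaction is visible to the operator of the channel.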

MITRE ATT&CK Enterprise v6

Tasks