General
Target: Stealerium.zip
Size: 2.8MB
Sample: 230531-w6wztahb75
MD5: 2ecd02e8e656c21a96722057aa3d9c76
SHA1: ae03d4dd4ed5bc4fc189232e8b416df979ae6c9f
SHA256: 2b55d3d5d47acf8e35fedf1fd612f81c9d10fdd84e8bdd9d6ad4b5bf1da04adf
SHA512: 3800de6f27f99326dab34b017eb4bfc51ecf22473a880cce37cc64ff74982503522bf19b39d1b2a31aa3eac93a229b13db851d5da568a68eb9764a31d179bee7
SSDEEP: 49152:+7XRwX/KSwW/iexLO3eVKxR9U7cSXi+fRaf/MAqrJdJIDJejmngciqjfDig+4GbH:+7XRu/wRus/VYCMAqrJQJxngSjW/4GbH

Behavioral tasks
behavioral1: Sample Builder.exe, Resource win7-20230220-en
behavioral2: Sample Builder.exe, Resource win10v2004-20230220-en
behavioral3: Sample Builder.exe, Resource win7-20230220-en
behavioral4: Sample Builder.exe, Resource win10v2004-20230220-en
behavioral5: Sample Mono.Cecil.Mdb.dll, Resource win7-20230220-en
behavioral6: Sample Mono.Cecil.Mdb.dll, Resource win10v2004-20230220-en
behavioral7: Sample Mono.Cecil.Pdb.dll, Resource win7-20230220-en
behavioral8: Sample Mono.Cecil.Pdb.dll, Resource win10v2004-20230220-en
behavioral9: Sample Mono.Cecil.Rocks.dll, Resource win7-20230220-en
behavioral10: Sample Mono.Cecil.Rocks.dll, Resource win10v2004-20230220-en
behavioral11: Sample Mono.Cecil.dll, Resource win7-20230220-en
behavioral12: Sample Mono.Cecil.dll, Resource win10v2004-20230220-en
behavioral13: Sample SixLabors.ImageSharp.dll, Resource win7-20230220-en
behavioral14: Sample SixLabors.ImageSharp.dll, Resource win10v2004-20230220-en
behavioral15: Sample Spectre.Console.ImageSharp.dll, Resource win7-20230220-en
behavioral16: Sample Spectre.Console.ImageSharp.dll, Resource win10v2004-20230220-en
behavioral17: Sample Spectre.Console.dll, Resource win7-20230220-en
behavioral18: Sample Spectre.Console.dll, Resource win10v2004-20230220-en
behavioral19: Sample Stub/stub.exe, Resource win7-20230220-en
behavioral20: Sample Stub/stub.exe, Resource win10v2004-20230220-en

Malware Config
Targets

Target: Builder.dll
Size: 215KB
MD5: 0e3aeaaf587824ec9aae4a40f46087a4
SHA1: 1995b61a48aa4c8abb238ce7beb23dc9c640f6d8
SHA256: 25716b851bcb89086cae5af0be1f6911aed75021f3d48c70965faf3cafae2d4d
SHA512: da3b1b01296fe1dc8cdc79e33bf61a948a761e46582f2710a116f0296162484dcd000271eeef8c84867d3508d017eb66da63dbd65cf4136c82de6f201689e209
SSDEEP: 6144:A1x3eDAIbr0K3xybL1tAj4PhFqFVfrRbP:A1x3mbr0P1tAj4P6r9
Score: 1/10

Target: Builder.exe
Size: 144KB
MD5: f9c10a56158c17ba43f1530d4a903230
SHA1: b783f18946a7a9dff90afe802c562b32c1f53cc9
SHA256: 8b160144aea95422360608e0ff17c0daa8bffb1d2f7983151a1fe532df05e5f6
SHA512: a9c8788e5ea51d164da66fdbe44470167663a09f59f343947c0d384c5684b495f65284e32e43900f1f5621a4bb7892f8b941fc012730b4be4a1c1216688df969
SSDEEP: 3072:58vbzyQ6Y1YXrbNK+3FNxacPEMk6rRQA5TW+:5szAXNK+3FVHRQeTW
Score: 1/10

Target: Mono.Cecil.Mdb.dll
Size: 38KB
MD5: 0c4ec4eb146bfe047755669c8060a967
SHA1: f663cc3bc174a98a49893e0cf334b479b05e453d
SHA256: 61637f9940e5e336571cbf945be0f36d6d6050e06288df0f0232d93b26f0bde7
SHA512: 478dba76de5b20906a31f2ff72a559779a262abe0265d475aa60d555d4f94f79887f237f393f256134be758d565aa46b30a39e81b23e1f3048fc80ab779405af
SSDEEP: 768:WrF3HuZyOt78PeWSTlNeyJOgfGNOV/DVxPVxaCCrHpTFuYL4oWp:WrFecOt78PeWCLOgfGkVzmpTDL4oWp
Score: 1/10

Target: Mono.Cecil.Pdb.dll
Size: 87KB
MD5: 743102d277a8754dc74f7644e03a8956
SHA1: 31971747d45f995bc8d05c26c728df293a074db6
SHA256: a5249a04ad8fd7dfd47e4d0a620aed0f7eb6051e1ddec102c541ca3e12f6e2a8
SHA512: 00bb76043a3a147b570e0421f768a2f2238954922c45c611d10d8fd4a1f8ba56da8a7b7377facfe54ff6dbee2d81be87c0d6e3de9e884625697ae478a82677e9
SSDEEP: 1536:QOTXdiVgzDKG2fNRck9FRcXRHr5vMALYKXNgJGsZ9ajr1vjCXev:TT0W2fjvm9uArWJGca31veXev
Score: 1/10

Target: Mono.Cecil.Rocks.dll
Size: 24KB
MD5: fe8c2b2eef6e5e7284dc9b522a7be468
SHA1: 8779911266ea9bfea924aad33a7e1c7855f41857
SHA256: 273292babd45f9f34de5054bd9cdfe1d859a7dbf6f4ad5974fe4ead70698ed5b
SHA512: b78f759568fa5ce77f87db6f02688493877ced8c9b289934c6adc95db5581d3ebc858092c650a47d5d7eb44c2dd2ed01a8491930acd8173d45f777285d0990ab
SSDEEP: 384:aWLOZBsQXmnFlPQnqc9H559krjuVXcVXD9PmROMLUBLMWG1UX8JvbrjEZ1O/pl+1:5aQHP+qcbkrjuROoUBBLXA/AS
Score: 1/10

Target: Mono.Cecil.dll
Size: 348KB
MD5: 7c40214d60b54749a1a7f79ea6f62bac
SHA1: a240d705b52fb1a78cceedab268db42cbeb47512
SHA256: 769a59793d4b8885bbbfbc5aee8f57a0d4e34d275c56c60c03994309b87f67e9
SHA512: 66a489988d15f1c651061656703b6fb03c4c6ebe82bcb0d48246c760e3764e4a7f2ad8d1653c90401fba6aa9974586d36256ad3a47e1112c1f38488a8818ab92
SSDEEP: 6144:NimznQ2nMpRAX2diEIn5o4gcuomZSFrIb:XnB2EELcu0Fr
Score: 1/10

Target: SixLabors.ImageSharp.dll
Size: 1.7MB
MD5: 523dced95fcb0120698fc194b159a5cd
SHA1: 9f6e4c7269caaf2e09b6961551102b1ec16e60a0
SHA256: 0d19e3bc90153b7d0360360422355daa569209180dd1e4337f2431148d1d7219
SHA512: 325c9c3a316852ea6156a07317a64e369048dc7cfea21e9ea87f8723cf37515f0dfc0a31ab3bf07155ea27938d426c9832c1fcba1ab6c96573cc44eacfa05255
SSDEEP: 24576:3ruzK1lGe+34AbXwX8WcaMX07Bpu39DhpsRalM9FHBjDkck3IegDkspo4fVz:3oo6WcaMX0zYUkY
Score: 1/10

Target: Spectre.Console.ImageSharp.dll
Size: 16KB
MD5: e30a59c057f7f011ab7053c9ad25e470
SHA1: cc530bdf2fb05216a8b367dc843696972097f20e
SHA256: c6d7b7235a3106086a5454cfa50c88bc8f43bc6c167946e5115e8eb1ddb10428
SHA512: 653efd54808b1414316ff8398526af5d546fa98daa05f13129c065842e2f8e87f225d0782a614cf052d6092eb72ecbb6a34c3096780f71f82bddcbc60c79093e
SSDEEP: 384:BPAaWhq2XX2QRjeCTou4w+gS0vZm01+Cqc:BPAaH2ns+zS0vP++
Score: 1/10

Target: Spectre.Console.dll
Size: 689KB
MD5: e2a9e4c34c215a8b75d030bcb6693f06
SHA1: fd3a6063da31b5a7d56fe50539deb169a2e7f1b9
SHA256: e87944494f5ed2c13c128ada90401c064f7e54a8af3c8164be0aa37f650b04a7
SHA512: d142ae1a1c6ef8a851963bede54c7a1c7fc476cafe026ee9b19ecb9545c03526b20edd104a5e9fdab8bc323816a4a664c933842dfc6bbd5f4250ce253907b806
SSDEEP: 6144:gvF6lPrPO0w832/XbvD8oktkPl4kabMlAoDPeTleRZl2ph3iXICv+YeyK37xi7Qn:bh+bvEka6a8RGpMRv+YWVi7QRM
Score: 1/10

Target: Stub/stub.exe
Size: 1.6MB
MD5: 0bbe9bc948d0154a739c23b4b0521ea1
SHA1: 74a5c37500bfec5286ec4f0e56663eafb536b9f3
SHA256: 8a37cfdf9c3d4beca639ead3b11688360333a550aedb60d4dbff82140b9b417e
SHA512: 78eac69129b53416221fd6663158db0b6d528ad070b8c9887293212639a2c28c20eddbf148c024bd84ea8386992dcb989ded93727d747a46c97ee751f96e92da
SSDEEP: 24576:i3i2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgL4:nTq24GjdGSiqkqXfd+/9AqYanieKd
Score: 10/10
Checks computer location settings
Looks up country code configured in the registry, likely geofence.