General

  • Target

    Stealeriumzip.zip

  • Size

    2.8MB

  • Sample

    230705-qg3heace62

  • MD5

    135fca6a528a5a12d8113727f8dfd41a

  • SHA1

    933c28429a840bf80f28ed6719a1f61e0b4c594b

  • SHA256

    d368aa9f74bac62cae479c0b4a41ab7b4c62162daee6e1d24c5fbedcb8afc80f

  • SHA512

    ca10b5d862065e287c1915ace20e13bab2e3dd3200c659f15297536c50655186ae69d1f82e6eea9665ec059fa65947563402539930ece21a496796a8f8c0c754

  • SSDEEP

    49152:zwK4bm/KSwW/iexLO3eVKxR9U7cnLIq+Pd0GqLZdhB9SRTuMVDsQ01c4fMO:zn4bm/wRus/0nd0GqLZX8uMaZEO

Score
10/10

Targets

    • Target

      Builder.dll

    • Size

      215KB

    • MD5

      d791446c0bbad891110904a2d9df6410

    • SHA1

      6230a06b477f93b3e5e8a49ea3e1b554b1aea49e

    • SHA256

      88accbac5f1862df4b5699f1c3ffbe916a44d6b0af236367cd941e6877bd8505

    • SHA512

      d0831021e91051b50271582aaf8fd22af0399ba08e8337387dfc6934d00f89920edf7566a2616848129d778cc636046fa2b6c1abd1e88660a2c8f4138e1f9843

    • SSDEEP

      6144:izx3eDAIbr0K3xybL1tAj4PhFqFVfrRbP:izx3mbr0P1tAj4P6r9

    Score
    1/10

    • Target

      Builder.exe

    • Size

      144KB

    • MD5

      a01414bc6554f456f489e393be50b09e

    • SHA1

      2830f619fa80b4712c86d3598a09433d3d0fd484

    • SHA256

      6e85a84402cd44875df9065b71dc8ae77b6f21f7608f7152046a894ba90ed57c

    • SHA512

      4035e2a0136ab01cb77b7a5ca635dc5879e18350857565597f99ee2b209325cf90c0a2a6a82c99ddffe11bc1984d60eda46d7d45e505817f40bdd49f3d2d4c0f

    • SSDEEP

      3072:I8vbzyQ6Y1YXrbNK+3FNxacPEMk65RQA5TW+:IszAXNK+3FVFRQeTW

    Score
    1/10

    • Target

      Mono.Cecil.Mdb.dll

    • Size

      38KB

    • MD5

      0c4ec4eb146bfe047755669c8060a967

    • SHA1

      f663cc3bc174a98a49893e0cf334b479b05e453d

    • SHA256

      61637f9940e5e336571cbf945be0f36d6d6050e06288df0f0232d93b26f0bde7

    • SHA512

      478dba76de5b20906a31f2ff72a559779a262abe0265d475aa60d555d4f94f79887f237f393f256134be758d565aa46b30a39e81b23e1f3048fc80ab779405af

    • SSDEEP

      768:WrF3HuZyOt78PeWSTlNeyJOgfGNOV/DVxPVxaCCrHpTFuYL4oWp:WrFecOt78PeWCLOgfGkVzmpTDL4oWp

    Score
    1/10

    • Target

      Mono.Cecil.Pdb.dll

    • Size

      87KB

    • MD5

      743102d277a8754dc74f7644e03a8956

    • SHA1

      31971747d45f995bc8d05c26c728df293a074db6

    • SHA256

      a5249a04ad8fd7dfd47e4d0a620aed0f7eb6051e1ddec102c541ca3e12f6e2a8

    • SHA512

      00bb76043a3a147b570e0421f768a2f2238954922c45c611d10d8fd4a1f8ba56da8a7b7377facfe54ff6dbee2d81be87c0d6e3de9e884625697ae478a82677e9

    • SSDEEP

      1536:QOTXdiVgzDKG2fNRck9FRcXRHr5vMALYKXNgJGsZ9ajr1vjCXev:TT0W2fjvm9uArWJGca31veXev

    Score
    1/10

    • Target

      Mono.Cecil.Rocks.dll

    • Size

      24KB

    • MD5

      fe8c2b2eef6e5e7284dc9b522a7be468

    • SHA1

      8779911266ea9bfea924aad33a7e1c7855f41857

    • SHA256

      273292babd45f9f34de5054bd9cdfe1d859a7dbf6f4ad5974fe4ead70698ed5b

    • SHA512

      b78f759568fa5ce77f87db6f02688493877ced8c9b289934c6adc95db5581d3ebc858092c650a47d5d7eb44c2dd2ed01a8491930acd8173d45f777285d0990ab

    • SSDEEP

      384:aWLOZBsQXmnFlPQnqc9H559krjuVXcVXD9PmROMLUBLMWG1UX8JvbrjEZ1O/pl+1:5aQHP+qcbkrjuROoUBBLXA/AS

    Score
    1/10

    • Target

      Mono.Cecil.dll

    • Size

      348KB

    • MD5

      7c40214d60b54749a1a7f79ea6f62bac

    • SHA1

      a240d705b52fb1a78cceedab268db42cbeb47512

    • SHA256

      769a59793d4b8885bbbfbc5aee8f57a0d4e34d275c56c60c03994309b87f67e9

    • SHA512

      66a489988d15f1c651061656703b6fb03c4c6ebe82bcb0d48246c760e3764e4a7f2ad8d1653c90401fba6aa9974586d36256ad3a47e1112c1f38488a8818ab92

    • SSDEEP

      6144:NimznQ2nMpRAX2diEIn5o4gcuomZSFrIb:XnB2EELcu0Fr

    Score
    1/10

    • Target

      SixLabors.ImageSharp.dll

    • Size

      1.7MB

    • MD5

      523dced95fcb0120698fc194b159a5cd

    • SHA1

      9f6e4c7269caaf2e09b6961551102b1ec16e60a0

    • SHA256

      0d19e3bc90153b7d0360360422355daa569209180dd1e4337f2431148d1d7219

    • SHA512

      325c9c3a316852ea6156a07317a64e369048dc7cfea21e9ea87f8723cf37515f0dfc0a31ab3bf07155ea27938d426c9832c1fcba1ab6c96573cc44eacfa05255

    • SSDEEP

      24576:3ruzK1lGe+34AbXwX8WcaMX07Bpu39DhpsRalM9FHBjDkck3IegDkspo4fVz:3oo6WcaMX0zYUkY

    Score
    1/10

    • Target

      Spectre.Console.ImageSharp.dll

    • Size

      16KB

    • MD5

      e30a59c057f7f011ab7053c9ad25e470

    • SHA1

      cc530bdf2fb05216a8b367dc843696972097f20e

    • SHA256

      c6d7b7235a3106086a5454cfa50c88bc8f43bc6c167946e5115e8eb1ddb10428

    • SHA512

      653efd54808b1414316ff8398526af5d546fa98daa05f13129c065842e2f8e87f225d0782a614cf052d6092eb72ecbb6a34c3096780f71f82bddcbc60c79093e

    • SSDEEP

      384:BPAaWhq2XX2QRjeCTou4w+gS0vZm01+Cqc:BPAaH2ns+zS0vP++

    Score
    1/10

    • Target

      Spectre.Console.dll

    • Size

      689KB

    • MD5

      e2a9e4c34c215a8b75d030bcb6693f06

    • SHA1

      fd3a6063da31b5a7d56fe50539deb169a2e7f1b9

    • SHA256

      e87944494f5ed2c13c128ada90401c064f7e54a8af3c8164be0aa37f650b04a7

    • SHA512

      d142ae1a1c6ef8a851963bede54c7a1c7fc476cafe026ee9b19ecb9545c03526b20edd104a5e9fdab8bc323816a4a664c933842dfc6bbd5f4250ce253907b806

    • SSDEEP

      6144:gvF6lPrPO0w832/XbvD8oktkPl4kabMlAoDPeTleRZl2ph3iXICv+YeyK37xi7Qn:bh+bvEka6a8RGpMRv+YWVi7QRM

    Score
    1/10

    • Target

      Stub/stub.exe

    • Size

      1.6MB

    • MD5

      303df0ff45fc487db83f9a14a7eb3594

    • SHA1

      e36f528cefba775bf21f04cc208e90b815df8234

    • SHA256

      35b48e9472a04ef28d51e5af06dafc8d8573d22bd4159cfc5007b7321a0aa337

    • SHA512

      1ebaec29abe8bf659255a3e78893921a5916f8ab8c8d9f607da27e6284cc885c0951bcda7bcbc6cfb47e650a3f1f96c575f0e38881474a227c02ce84821e11a2

    • SSDEEP

      24576:Di2Q9NXw2/wPOjdGxY2rqkqjVnlqud+/2P+A+ZecdyFoBkkAnexMrdgLs:mTq24GjdGSiqkqXfd+/9AqYanieKd

    Score
    10/10

    • Stealerium

      An open-source info stealer written in C#, first seen in May 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.