povertystealer | c5958711c87358d92b505eda53dd9f167ac6dcbc0e509b34cbf1c69e2768f46e

Sharing

Copy URL

Twitter E-mail

General

Target

Setup_Loader v2.1.zip
Size

9.7MB
Sample

230913-p2xxzsbg9y
MD5

b7abb13ba4d441a09a0798793bc7bcab
SHA1

75623623eff10d77f1af44607d7c44933b7fe472
SHA256

c5958711c87358d92b505eda53dd9f167ac6dcbc0e509b34cbf1c69e2768f46e
SHA512

536cee8ac2f941b8721e3bb37169fa7e86a613889478def98e757f3a2f42fdc0a1f3fde91cd1901b299bffe9de34a3b769edcd0ba7b85ea617e1b2f450c94816
SSDEEP

196608:XSh69BgkKubPYIs+kkqciGjbvuSUHY8nzyqGZBAPChNwxD6Sr:CMKkKubAI8wmSUHLGruK02A

Score

10^/10

povertystealer stealer

Malware Config

Targets

- Target
  
  Setup_Loader v2.1/7zxa.dll
- Size
  
  228KB
- MD5
  
  983d226045bb3c63e0c1d047428ee17b
- SHA1
  
  6a0a74dd68daae4ba5fc8cdf2da963bacd17186a
- SHA256
  
  33656242a0d8cce56f6c2abb0ceffbced63a460755fad1dcee36490f904d4809
- SHA512
  
  9652fb0fc2666104ee17579df0bc65282d95dd509588a82d7aa1445078f2893067d77199c04d0c84bba8cdb361807efb10f014ddf9f14d07888719b341b87e27
- SSDEEP
  
  3072:iEamww2O59NcM8EhzfxvAWZtyv34vwoxCOZOIekwvwCgm4vU2LxPeJKcvewyAW+0:io3r59aEhdC8zx2HX05FJmoMST
Score

3^/10
behavioral1 behavioral2
- Target
  
  Setup_Loader v2.1/ImagingEngine.dll
- Size
  
  1.9MB
- MD5
  
  5da33d4abee44484f9579ff1a5212ba2
- SHA1
  
  7ef1eec3d446c23f000b42ce6645fb1dff923144
- SHA256
  
  3beb32ef72972bb78f4a00a7a2bd0ee2da457307bec852f96bb1763b0f8993f5
- SHA512
  
  b9d14e2f532b537d6587096eaee3afadc6233401c816686c72965cdec7acf506c90a41a1c7180cc999d54d55d97f7caeecad7fc4fc820c3f287b340a8b4c4fca
- SSDEEP
  
  49152:d4MI7zYmUDW0PxIKw5anPoSAd6TOaD+yqla3:OpzmDW0P3w5h7d66aka3
Score

1^/10
behavioral3 behavioral4
- Target
  
  Setup_Loader v2.1/PhotoAcq.dll
- Size
  
  1.6MB
- MD5
  
  fff950ea52970793f733ac57075533cc
- SHA1
  
  2bb67ab1d1f1c927ad6d7291be01faac6fd7380e
- SHA256
  
  e92e0198de87b916690725490fafe6de7701a989a9af4fbe6416ca5dfac2972e
- SHA512
  
  f71f9dc49bb1e02d374155103f2ac79e1e002a665060243af22e13340c27a6935cf3d8f2e2361335c9b1af26f6c22571aa3b9be9d4d4ec5a5633f3e77eef8669
- SSDEEP
  
  24576:7JCYud1wyTtsObE56IdGktxvxr5oCAd6VoYXDLilE3vSjTm:7JCYuvTtsO4kIJtxvxbmYTL9mTm
Score

1^/10
behavioral5 behavioral6
- Target
  
  Setup_Loader v2.1/PhotoBase.dll
- Size
  
  37KB
- MD5
  
  dad2758a806a22b9ec1956218c040741
- SHA1
  
  763cdf2714c232317f320eea605925fffa64c451
- SHA256
  
  931fb1c39192a82208262a13bcc28398cb3ef1995e19ea3c72fbfc4e6191f818
- SHA512
  
  78653743ef4c5bf2291a48377b0e518ef1bd545972f86d1ebb90244a79807160afc27cf09d5d05d2e94a36daef0dba3b988e8276e06810deb81f1ee7a429d384
- SSDEEP
  
  768:rKHzaXYaZrGk4qLwQWSmtoWkr/3W0Kl/5b9eV3/I:rCzaQkMQdmty+ZeBQ
Score

3^/10
behavioral7 behavioral8
- Target
  
  Setup_Loader v2.1/PhotoViewer.dll
- Size
  
  1.5MB
- MD5
  
  97373cb137a028d459928d63fa8fe45d
- SHA1
  
  f2d665a800d7e8fd61c9405bbcadcf77b08e84e0
- SHA256
  
  450edab43e39086f4921f85802fd7142064a207d666457221cc794e6e4379b54
- SHA512
  
  44e172cdeae581092db40d998e30889450dcd88af127c386da894a5ce79ea5987baa6cf63c48b8540eb97e779b59117b3bc394643bc233c5fbf97f572a88ab82
- SSDEEP
  
  24576:GAOnAn6jmVMD58MyV3iFeKNC1HYJtyeyvM0W7439KQ9l2oWIoWIoW:SA1V+5ZVaW743YQ99WRWRW
Score

1^/10
behavioral10 behavioral9
- Target
  
  Setup_Loader v2.1/Setup_Loader v2.1.exe
- Size
  
  14.6MB
- MD5
  
  d6f7e3d35d83cdb0023f2dd7e45b081f
- SHA1
  
  e892506c5af85088ca8b35dd645fe19299a5d4cf
- SHA256
  
  593da8058de6240831bec473089fc79462c74af2c99701ebc6a5da8ba1635dd3
- SHA512
  
  a891ca90b44a2133b4268bdfc47a1bc4a7bb2a99bf080151818a6d49274eba192c90ed26ef9f9660a2824ce57a3ba3a52314a5ceddc3a3c18bf95dcd66c160e6
- SSDEEP
  
  196608:FeuVE9sVAPRkLJkTtOI7zkMDkRS9GvSCL:auVxLJkTtOI7zkMDkRS98
Score

10^/10

povertystealer stealer
- Detect Poverty Stealer Payload
- Poverty Stealer
  Poverty Stealer is a crypto and infostealer written in C++.
  stealer povertystealer
- Suspicious use of SetThreadContext
behavioral11 behavioral12
- Target
  
  Setup_Loader v2.1/libEGL.dll
- Size
  
  474KB
- MD5
  
  063c13c2a1699421370c791e94160027
- SHA1
  
  8f2475f9f7eec35dc14b1bdb680cd343d4d80c46
- SHA256
  
  5eeb9d0a0962f6ad260b731ceb03512497c68bac1d8a1b76e5f82eeefd1c19dd
- SHA512
  
  35eeddc9202f11acabe8e359dbbb43d979fa9e8abe3ff98bb77f52ea801ac84a6a6c223486ae71d5574a54f4cd44779e7a1000ed6870812e74e3501eb0b90b7a
- SSDEEP
  
  6144:5GjOjehlIknc7MowJa2eCK/zqH5lWfikriFbt:5rihmkncAM9/GzWfitFB
Score

1^/10
behavioral13 behavioral14
- Target
  
  Setup_Loader v2.1/libGLESv2.dll
- Size
  
  7.0MB
- MD5
  
  47a9b02188687681c9913eceade540d7
- SHA1
  
  20ed1ca570553de206f8138f24d9773dcb13ed8b
- SHA256
  
  93700f55dbb817261b26aa2df1dc765a0f544513d5260ee340a9ff29223ba062
- SHA512
  
  ac804cee6fd9c4948e0d48886c1dd21a66c9d837c3dc094f7c8debdb96a631bdb5b2a930ba97b1d95eeab6678df3a4b2e95089906d69e82e6078b0368ff0ff14
- SSDEEP
  
  49152:8uzIWEjMdc+kjiTdTbFAet7D90fP9WZfHlKuO3YE508mWCa30e1/tRu5pLthSk2a:BzrLFsP9WNyyn3TV/KYiUvClXYE8
Score

3^/10
behavioral15 behavioral16
- Target
  
  Setup_Loader v2.1/mojo_core.dll
- Size
  
  1.8MB
- MD5
  
  6f55d7e4c81184907dbe6a4f970f9721
- SHA1
  
  f225dc927112ce510e3e6cf0a82e12b9ade02507
- SHA256
  
  7fb9b469d3934ff756bbe579f67f163bdaac2a9841a5b523aa5c55bc975c409a
- SHA512
  
  9fb4f293085a943f68bbab9b1c1b3317867720a33706a706f5658033f7f390a6957d3d75caae76ee0ca3da3714194bf3b2811058e8d92418ccf9019e0b0c42e0
- SSDEEP
  
  49152:Nx1CDND8Yus1VRS7yy2OJfCTMUYKfNH9j7:9a88VRSg/ukNV7
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Targets

Detect Poverty Stealer Payload

Poverty Stealer

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18