marsstealer | f26a5adb365053bf4a3729bfbf8864a4ec773888382245ddd8a3a6cc11840511 | Triage

Sharing

General

Target

ge‮piz.exe
Size

437KB
Sample

231013-fa2mesgb33
MD5

f17fb798ac933fab58a40afe23313ffd
SHA1

e14f54c039644d669bc8ae35121ff484bcfbc683
SHA256

f26a5adb365053bf4a3729bfbf8864a4ec773888382245ddd8a3a6cc11840511
SHA512

a4d7aceb9761e05bb500c7de34fd3e77ab3423753755bb41bae7aad1632b1a7da085915c9a8ba4fc63bba3b92e55292bbde20945453f55f3548040dddee3fea0
SSDEEP

12288:JkSpMucPgZUlb2hSsOabxNSulZdVFxWEvjZCZ9Iex8L5uflu:UXe8hxy+s

Score

10^/10

marsstealer default stealer

Malware Config

Extracted

Family

marsstealer

Botnet

Default

Targets

- Target
  
  ge‮piz.exe
- Size
  
  437KB
- MD5
  
  f17fb798ac933fab58a40afe23313ffd
- SHA1
  
  e14f54c039644d669bc8ae35121ff484bcfbc683
- SHA256
  
  f26a5adb365053bf4a3729bfbf8864a4ec773888382245ddd8a3a6cc11840511
- SHA512
  
  a4d7aceb9761e05bb500c7de34fd3e77ab3423753755bb41bae7aad1632b1a7da085915c9a8ba4fc63bba3b92e55292bbde20945453f55f3548040dddee3fea0
- SSDEEP
  
  12288:JkSpMucPgZUlb2hSsOabxNSulZdVFxWEvjZCZ9Iex8L5uflu:UXe8hxy+s
Score

10^/10

marsstealer default stealer
- Mars Stealer
  An infostealer written in C++ based on other infostealers.
  stealer marsstealer
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

marsstealerdefaultstealer

behavioral2