General
-
Target
rust-stealer-xss.bin
-
Size
4.5MB
-
Sample
231018-lykxgaed98
-
MD5
3ddf7d19049c63bdfd526de82ca592c1
-
SHA1
852dddd3a28ee5c6949bba4c76a4bfe116c903ba
-
SHA256
b1c36bffcefa1ade3384c246959d37b651dffbd10cb7172b7c93a9bfecd29f89
-
SHA512
7be04fed529a3bcbd490cf10549e1439089ba38cd70f7def6b097656c3f3a9c5bf4809f8ddc4b58430ad72e55a9bd367dc4695affa0017c4e6f391ff3318fadb
-
SSDEEP
98304:hQDi99hkY8zFbsEqy9wvDC1C/eFFYKkjsDTtqK3+5A:ODi99hgqLCSmkjWd0A
Static task
static1
Behavioral task
behavioral1
Sample
rust-stealer-xss.exe
Resource
win7-20230831-es
Malware Config
Targets
-
-
Target
rust-stealer-xss.bin
-
Size
4.5MB
-
MD5
3ddf7d19049c63bdfd526de82ca592c1
-
SHA1
852dddd3a28ee5c6949bba4c76a4bfe116c903ba
-
SHA256
b1c36bffcefa1ade3384c246959d37b651dffbd10cb7172b7c93a9bfecd29f89
-
SHA512
7be04fed529a3bcbd490cf10549e1439089ba38cd70f7def6b097656c3f3a9c5bf4809f8ddc4b58430ad72e55a9bd367dc4695affa0017c4e6f391ff3318fadb
-
SSDEEP
98304:hQDi99hkY8zFbsEqy9wvDC1C/eFFYKkjsDTtqK3+5A:ODi99hgqLCSmkjWd0A
Score10/10-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-