Overview

overview

10

Static

static

3

Konstantin.exe

windows7-x64

10

Konstantin.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Konstantin.exe

  • Size

    13.4MB

  • Sample

    231201-jhqrnsfh79

  • MD5

    b8e53ea5efc220fe80f217a0fe9ba89c

  • SHA1

    b16786f4afa49654ffeb384e0a19764eb0cc7f6d

  • SHA256

    07c6deac35b7070d7d9ded3fca62d976c054c1ad8e466a822543cee33ea04437

  • SHA512

    c7ea19ebf474be9624b527f1d18de9a96537a3424aaeb5924088940ef8746c32e25fe0c340130626a093cbeda9777db18911e90e920a98b57e8035cb2223a128

  • SSDEEP

    393216:JjRJHKOj+YFAXqHO+boBDi9HtSIrqGVc:J1JHoyAXrBDWHt7HV

Score
10/10
povertystealerspywarestealer

Malware Config

Targets

    • Target

      Konstantin.exe

    • Size

      13.4MB

    • MD5

      b8e53ea5efc220fe80f217a0fe9ba89c

    • SHA1

      b16786f4afa49654ffeb384e0a19764eb0cc7f6d

    • SHA256

      07c6deac35b7070d7d9ded3fca62d976c054c1ad8e466a822543cee33ea04437

    • SHA512

      c7ea19ebf474be9624b527f1d18de9a96537a3424aaeb5924088940ef8746c32e25fe0c340130626a093cbeda9777db18911e90e920a98b57e8035cb2223a128

    • SSDEEP

      393216:JjRJHKOj+YFAXqHO+boBDi9HtSIrqGVc:J1JHoyAXrBDWHt7HV

    Score
    10/10
    povertystealerspywarestealer

    • Detect Poverty Stealer Payload

    • Poverty Stealer

      Poverty Stealer is a crypto and infostealer written in C++.

      stealerpovertystealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks