Extracted

• • Target

    Cyber Hunter Install.exe

  • Size

    4.9MB

  • MD5

    f836f277cbcadfecfc988bf350d410c3

  • SHA1

    f9a66d7876a6eb09763e0705beaa999d99f53754

  • SHA256

    d38bc9871b0eba08a6b77314a6d3fdc94531315c2659ea60d8d23b4450ed3838

  • SHA512

    ac284e90bf72d564ceaeda28383efc8793f286002d2d7ae37f08f05a9170faa5f77a8e741cb60fabb1f48f9abc769070fc3620fa9c5d7dfce60029b6d58c8280

  • SSDEEP

    12288:D6BeSpuojQEv1E729k4nRQ/ceb5WdWOeoP3/F+2nGr6A5zuzhGlC5LcB+cVgeMtb:E0yLW2mudcocIE

  Score

  10^/10

  marsstealerdefaultspywarestealer

  • Mars Stealer

    An infostealer written in C++ based on other infostealers.

    stealermarsstealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  behavioral1behavioral2