General
-
Target
0x0033000000015c80-977.dat
-
Size
1.6MB
-
Sample
240130-ephmesgbb6
-
MD5
ffdc39b9c3609b4b6d8c543c078ff7cf
-
SHA1
7e34f503c51353bf53be8fc5441573d74a97ce3a
-
SHA256
e8dd4e7a66f895aff9ba9616f4352af14135fe95be6594ed1d572c84a3e827e3
-
SHA512
a68f1648d9785fb8e64d2bb756e7e58c1217361b0b57f659f83c4d7a57993acda1a9161c8ce471ff2c3fe582a7a0f7997b9cab59d034f28b40a7da04b75010b5
-
SSDEEP
49152:JkTq24GjdGSiqkqXfd+/9AqYanieKdsC:J1EjdGSiqkqXf0FLYW
Behavioral task
behavioral1
Sample
0x0033000000015c80-977.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0x0033000000015c80-977.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
stealerium
https://discordapp.com/api/webhooks/1197850806213431377/-zU9uA2NeaYEk4-ozdhgmNljI6NS_w_qcT_cbtxYxZdkUD3JeaKChZp4GXdod-MX3D1Q
Targets
-
-
Target
0x0033000000015c80-977.dat
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-