General
-
Target
Sharkviews.exe
-
Size
1.6MB
-
Sample
240201-xfbfvscdg6
-
MD5
3746230c02864ebf422e6cf3566a3c9d
-
SHA1
0e8526a04e3880602fdbb4a7cf47f67a727d22c0
-
SHA256
88270b7e469676ddaea88e2b0463aaec523df8b11deeb0a79d8fb6a171f6f944
-
SHA512
e6fc112e43f99b7fcbf694ee36555b6d38b8f5d49880f501362bb91efe7879f403d40ff3a8cb73129222ef46507a8f18f442181318338aeda0dd771e729d94e8
-
SSDEEP
49152:EcTq24GjdGSiqkqXfd+/9AqYanieKdY5:E9EjdGSiqkqXf0FLYW
Behavioral task
behavioral1
Sample
Sharkviews.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1202529017253728296/kTYv37m9AUG_bqqid9W3SpHTI3nPEnaPFlj3d1Uj1541qfZHvFRrGyac2hgqyTl7vgA_
Targets
-
Target
Sharkviews.exe
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-