General

  • Target

    Exploit-Stealer.zip

  • Size

    576KB

  • MD5

    714dc505a33e5f9056af3f77355a1a82

  • SHA1

    8477928bad280cca1435cb3943d8c823fc22c929

  • SHA256

    dd72d8d539128b02d88b7ec4527531008d89b9fadf1cfd454ed7f289a141bcb4

  • SHA512

    574c43bf7d76b04c15997e3610ff3b78b458a247bdfbb246c03c43f5a2a70b1a1a9782c8abcaafa56a006995703231062cda4899d282c872f3a8c2beda684520

  • SSDEEP

    12288:nnODwN9Vgu/0L3eSgKd9slWY7b9uwJrj6d94UFYLH5hHNZO6KsxxuQj7Okwn5DW:noqgusLOP62lWmxPN2d94UmLH/HNtJuU

Score
8/10
upx

Malware Config

Signatures

  • Patched UPX-packed file 1 IoCs

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • Exploit-Stealer.zip
    .zip

    Password: hello

  • Exploit-Stealer/AssemblyFile/version.txt
  • Exploit-Stealer/How To Use.txt
  • Exploit-Stealer/Obfuscator/obf.py
  • Exploit-Stealer/UPX/upx.exe
    .exe windows:4 windows x64 arch:x64

    Password: hello



  • out.upx
    .exe windows:4 windows x64 arch:x64



  • Exploit-Stealer/UPX/what is upx.exe.txt
  • Exploit-Stealer/build.bat
  • Exploit-Stealer/index.py
  • Exploit-Stealer/install_python.bat
    .bat .ps1
  • Exploit-Stealer/main.py