General

  • Target

    y2mate (mp3cut.net).mp3

  • Size

    2.9MB

  • Sample

    240203-yn248ahaf8

  • MD5

    067dbb79b5f5d1bdbe5fd211768c0cdf

  • SHA1

    bb55a4ac846ced7ad6446a8d2c152dbb11b897b5

  • SHA256

    cae622d50425c37fa40c7f3a7bdbe3971317be5887d24bb919d7296f61532585

  • SHA512

    6630890b6e67c1dc8db44fc097a981cc0cf19328becb1b843d81e1f9e7b1119038180d2518d8c93d88672b41188706bfc816068f5c3a0fe9522e424589663f71

  • SSDEEP

    49152:3nlk0k7lVKo6anIFQfmkOtmp959Gmju/CD4qdlDP:3q0knKoHPtpju/Ur

Score
10/10

Malware Config

Extracted

Family

stealerium

C2

https://canary.discord.com/api/webhooks/1203428065494171729/fNRjwICIjgi29Vh-cYTVLnPVdteyz6pyqnqRLPe_kuFWLTcVSKmlv6c-C-yI66bKlL9m

Targets

    • Stealerium

      An open-source info stealer written in C#, first seen in May 2022.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks