metastealer | 4d546e62bbd229511c831727642afcd28009f3d293a4e13ea03252abe29ff1b5 | Triage

Resubmissions

15-01-2025 22:48

250115-2rgjgazlen 3

29-02-2024 16:02

240229-tgwlmsdg71 10

Sharing

General

Target

Sig.exe
Size

1.5MB
Sample

240229-tgwlmsdg71
MD5

c68c16589a1c06e534aa7a29ed4fe1aa
SHA1

4fdee6b3c80029bd9e64d03a05503b9427844582
SHA256

4d546e62bbd229511c831727642afcd28009f3d293a4e13ea03252abe29ff1b5
SHA512

28f9954fb56bb3d2637ae3a4547b8f1b7a5e335f51265b4845a59b143d1904c303dd5e35d6d6bfeb528e92ad9d85e624b6a9d50789a7b673eb670d8fdcc365aa
SSDEEP

24576:ihgVrnoHu/QSDTV+Bnvu8tOvkTyuhOOPZ1afVyH0VsQ4OttT0:iWhoONVnkTyugmZELsMp0

Score

10^/10

metastealer spyware stealer

Malware Config

Targets

- Target
  
  Sig.exe
- Size
  
  1.5MB
- MD5
  
  c68c16589a1c06e534aa7a29ed4fe1aa
- SHA1
  
  4fdee6b3c80029bd9e64d03a05503b9427844582
- SHA256
  
  4d546e62bbd229511c831727642afcd28009f3d293a4e13ea03252abe29ff1b5
- SHA512
  
  28f9954fb56bb3d2637ae3a4547b8f1b7a5e335f51265b4845a59b143d1904c303dd5e35d6d6bfeb528e92ad9d85e624b6a9d50789a7b673eb670d8fdcc365aa
- SSDEEP
  
  24576:ihgVrnoHu/QSDTV+Bnvu8tOvkTyuhOOPZ1afVyH0VsQ4OttT0:iWhoONVnkTyugmZELsMp0
Score

10^/10

metastealer spyware stealer
- Meta Stealer
  Meta Stealer steals passwords stored in browsers, written in C++.
  stealer metastealer
- MetaStealer payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metastealerspywarestealer