General

  • Target

    StormLab_setup.rar

  • Size

    16.6MB

  • Sample

    240306-dt8tqsbb33

  • MD5

    ce18b3945b25bbf690fe99a90f2aa1ad

  • SHA1

    321ccba1d4b9179ad03dd31bb3e48c056caa50a8

  • SHA256

    7d8f73ced906313777bdf50b173ab35b6281cf4c79ad48a4bd4e71c908e7a54a

  • SHA512

    60609c850c17041c1e0dc640382115f1c5c9a3a4e02920534fa4e88ac5791ba87f030f97d149aa18a3ba6ae1ab1b2c296fb7a484000c448cebc9dc815e720a5d

  • SSDEEP

    393216:0wZlBgSuHSA7Jd0rssYDVXcmUzXoE0+ydwN4ir/t8SP2esTVn2l9y+UO6:nTBgSuP7JEsHVX3UToEjydwN40/t8SP4

Malware Config

Targets

    • Target

      StormLab_setup/StormLab.exe

    • Size

      17.1MB

    • MD5

      f9b3595c5af5b703f6db357971b255be

    • SHA1

      a6b0ea5f0786e27cf3f5f77989b7c1fed20dfa92

    • SHA256

      fd1f60a5cf3be939a1bd01fd88e0aca5243b1c1336227b092ae0b64d4bacf929

    • SHA512

      7ab31e854438dd937efb3df3b698eee4e62b305ff96788771a053411a0aad35a50c1beefb67ec6541ccac201552b2056adac339440b2b744ab80871f9232a891

    • SSDEEP

      393216:liIE7YoPQJRHi+2ohcyLbdQuslSl99oWOv+9f+TWZXNfpg:K7rPQnHiRyc0bdQu9DorvS2T49p

    • Score

      7/10
    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks