General

  • Target: 308667b323852ff5bbc525f35b17882a49d175ab21f29c2cd1630b6986f4a236.exe
  • Size: 1.7MB
  • Sample: 240311-rtnqfsda5x
  • MD5: ab5503f5793b4e4f67d78b6488c7ba9d
  • SHA1: 927f78f68f0ab828c22c58fad6bcf88e1e48c672
  • SHA256: 308667b323852ff5bbc525f35b17882a49d175ab21f29c2cd1630b6986f4a236
  • SHA512: 7ebe818801e7dfe583023d0c71ff0d048c62be578d4b767f5cea92576bb6f787a6ab762d4af78301e5f247f45cf8e523ec8de05cc8c50707073af7aee78c8742
  • SSDEEP: 24576:7uAkyAYueOQUzE5lZKw6PZAeWAGQn652ROuBiTmcLljVIH06iyz:pThulIZKw6qrANrs1LXIU6i

Targets

    • Target: 308667b323852ff5bbc525f35b17882a49d175ab21f29c2cd1630b6986f4a236.exe

    • Detect Poverty Stealer Payload
    • Poverty Stealer: Poverty Stealer is a cryptocurrency and information stealer written in C++.
    • Executes dropped EXE
    • Adds Run key to start application
    • Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15