marsstealer | b7737850b4f9843c60a23ca39b81fecdb60a04fbcd5839326f854f0a092f95c5 | Triage

Sharing

General

Target

Gammadyne Mailer.exe
Size

668KB
Sample

240404-bcbrkaad43
MD5

1ff8f5b71d19c4faffa31dfdc21fd263
SHA1

cb42386f7fd958812ffcfff9b0c107158eca5994
SHA256

b7737850b4f9843c60a23ca39b81fecdb60a04fbcd5839326f854f0a092f95c5
SHA512

74a1e83bc9a03ffadf78c18a7bb056724c17b6dce3e85ed214282ca38adb47d52a3f8c48c82a1b9c25014c7739f4dcd18faf3a6b81bf90247f6d3086d16698fa
SSDEEP

12288:jkZbvRx3JGXdvLI/tt5AzzCRlr+RGc6xyArqg5GnD8LVduHRvBHnVr7MHWrgcli7:xRWy68/ghD7q

Score

10^/10

marsstealer default stealer

Malware Config

Extracted

Family

marsstealer

Botnet

Default

Targets

- Target
  
  Gammadyne Mailer.exe
- Size
  
  668KB
- MD5
  
  1ff8f5b71d19c4faffa31dfdc21fd263
- SHA1
  
  cb42386f7fd958812ffcfff9b0c107158eca5994
- SHA256
  
  b7737850b4f9843c60a23ca39b81fecdb60a04fbcd5839326f854f0a092f95c5
- SHA512
  
  74a1e83bc9a03ffadf78c18a7bb056724c17b6dce3e85ed214282ca38adb47d52a3f8c48c82a1b9c25014c7739f4dcd18faf3a6b81bf90247f6d3086d16698fa
- SSDEEP
  
  12288:jkZbvRx3JGXdvLI/tt5AzzCRlr+RGc6xyArqg5GnD8LVduHRvBHnVr7MHWrgcli7:xRWy68/ghD7q
Score

10^/10

marsstealer default stealer
- Mars Stealer
  An infostealer written in C++ based on other infostealers.
  stealer marsstealer
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

marsstealerdefaultstealer