Extracted

• • Target

    e3419829c4e6f448ed4b26fe35ae6ce9_JaffaCakes118

  • Size

    928KB

  • MD5

    e3419829c4e6f448ed4b26fe35ae6ce9

  • SHA1

    902805b919c3e1f078eeb607889a01a75b29b49a

  • SHA256

    d77b5185cb9ee6f14b0dfffc147aca637fff8764c100d70090493b8f9851731f

  • SHA512

    2ab6eeafb3e694aba8100df44bcf0b18736fd5aab90d495cbf5646bfbd0db6715cb4a5e3692200992594a40ef83076045cc37d676c12dbbfd1e57258aa6b7feb

  • SSDEEP

    12288:h1Wl8T5NM63xjmeRfdoZBgAWF2p3OGdUMXysKA/zXQ:hA27dxIgBF0OGdUkysLzXQ

  Score

  10^/10

  matiexcollectionkeyloggerstealer

  • Matiex

    Matiex is a keylogger and infostealer first seen in July 2020.

    stealerkeyloggermatiex

  • Matiex Main payload

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2