stealerium | 295303516fe6fed6586432afa4e9c0385c526786ae3c6a3be1cc8a561a2a100c | Triage

Submit
Reports

Overview

overview

Static

static

1

daun.bat

windows10-2004-x64

Sharing

General

Target

daun.bat
Size

26B
Sample

240614-yjgmqatbkd
MD5

fb13c5908146d39f3a5fdeb69a5254a4
SHA1

a6fb64b8bc2e58647569f311b6918dbfdbd82507
SHA256

295303516fe6fed6586432afa4e9c0385c526786ae3c6a3be1cc8a561a2a100c
SHA512

2de792688627911072182d48e0fc3180a37cc5379272a8b7e429441e3eb69803901b80788848bfdd2f86515ad8a5392fe390b784db38cc7456221f8dea338622

Score

10^/10

stealerium execution stealer

Static task

static1

Behavioral task

behavioral1

Sample

daun.bat

Resource

win10v2004-20240611-en

stealerium execution stealer

windows10-2004-x64

18 signatures

600 seconds

Malware Config

Extracted

Family

stealerium

C2

https://discord.com/api/webhooks/1251198513031811144/nJHl6BhkEHbE3lBzprQbscTSTrEsrKdjTFgv-IrdN8o5_7i-tC4AlCQso26UTjNF8ZHZ

Targets

- Target
  
  daun.bat
- Size
  
  26B
- MD5
  
  fb13c5908146d39f3a5fdeb69a5254a4
- SHA1
  
  a6fb64b8bc2e58647569f311b6918dbfdbd82507
- SHA256
  
  295303516fe6fed6586432afa4e9c0385c526786ae3c6a3be1cc8a561a2a100c
- SHA512
  
  2de792688627911072182d48e0fc3180a37cc5379272a8b7e429441e3eb69803901b80788848bfdd2f86515ad8a5392fe390b784db38cc7456221f8dea338622
Score

10^/10

stealerium execution stealer
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- Blocklisted process makes network request
- Command and Scripting Interpreter: PowerShell
  Powershell Invoke Web Request.
  execution
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

stealeriumexecutionstealer

© 2018-2024

Terms | Privacy