Overview

overview

10

Static

static

10

build.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    build.exe

  • Size

    1.6MB

  • Sample

    240623-ry4bpsyalr

  • MD5

    12b0e5a39858c0961e87a45b722eb6c3

  • SHA1

    ae90c4fe76402ccd1ecd0518b46c4541006556cf

  • SHA256

    ad9236ff62a5f2e49b8a5d989418351782280ab58a7ef56e5a747aecd5c1bbba

  • SHA512

    ed51021bd2676f74dacfaf9c8241c1aba0192dea7328da6b255ae9c0a566a5969dffcef9d76161169561a505d335c097b10375cd7b67ec3e96df2f0b6de2a0d5

  • SSDEEP

    49152:7kTq24GjdGSiqkqXfd+/9AqYanieKdsy:71EjdGSiqkqXf0FLYW

Score
10/10
stealeriumstealer

Malware Config

Extracted

Family

stealerium

C2

https://discord.com/api/webhooks/1254442204810711072/YOrqXWnq1fBhe1TXUtRcyfGvHcZNJwNc4AuaN9zvhpW3TKcQ1OPk7EEtuOpz8Qz-M3lx

Targets

    • Target

      build.exe

    • Size

      1.6MB

    • MD5

      12b0e5a39858c0961e87a45b722eb6c3

    • SHA1

      ae90c4fe76402ccd1ecd0518b46c4541006556cf

    • SHA256

      ad9236ff62a5f2e49b8a5d989418351782280ab58a7ef56e5a747aecd5c1bbba

    • SHA512

      ed51021bd2676f74dacfaf9c8241c1aba0192dea7328da6b255ae9c0a566a5969dffcef9d76161169561a505d335c097b10375cd7b67ec3e96df2f0b6de2a0d5

    • SSDEEP

      49152:7kTq24GjdGSiqkqXfd+/9AqYanieKdsy:71EjdGSiqkqXf0FLYW

    Score
    10/10
    stealeriumstealer

    • Stealerium

      An open source info stealer written in C# first seen in May 2022.

      stealerstealerium

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks