Overview

overview

10

Static

static

10

Soul_stealer-main.zip

windows7-x64

1

Soul_stealer-main.zip

windows10-2004-x64

1

Soul_steal...DME.md

windows7-x64

3

Soul_steal...DME.md

windows10-2004-x64

3

Soul_steal...er.exe

windows7-x64

7

Soul_steal...er.exe

windows10-2004-x64

8

�`*0X}~.pyc

windows7-x64

�`*0X}~.pyc

windows10-2004-x64

Soul_steal...OBF.py

windows7-x64

3

Soul_steal...OBF.py

windows10-2004-x64

3

Soul_steal...s/cert

windows7-x64

1

Soul_steal...s/cert

windows10-2004-x64

1

Soul_steal...g.json

windows7-x64

3

Soul_steal...g.json

windows10-2004-x64

3

Soul_steal...der.py

windows7-x64

3

Soul_steal...der.py

windows10-2004-x64

3

Soul_steal...ess.py

windows7-x64

3

Soul_steal...ess.py

windows10-2004-x64

3

Soul_steal...ess.py

windows7-x64

3

Soul_steal...ess.py

windows10-2004-x64

3

Soul_steal...ar.exe

windows7-x64

3

Soul_steal...ar.exe

windows10-2004-x64

3

Soul_steal...eg.key

windows7-x64

3

Soul_steal...eg.key

windows10-2004-x64

3

Soul_steal...ts.txt

windows7-x64

1

Soul_steal...ts.txt

windows10-2004-x64

1

Soul_steal...un.bat

windows7-x64

1

Soul_steal...un.bat

windows10-2004-x64

1

Soul_steal...ief.py

ubuntu-18.04-amd64

1

Soul_steal...ief.py

debian-9-armhf

1

Soul_steal...ief.py

debian-9-mips

Soul_steal...ief.py

debian-9-mipsel

Sharing

Copy URL Twitter E-mail

General

  • Target

    Soul_stealer-main.zip

  • Size

    6.7MB

  • MD5

    1a952d2ee32c3c81a154946c70f66fa8

  • SHA1

    175203103856deec4ce8cc20feeb322ec6b41a86

  • SHA256

    d49d6f48c8f34584d09ea6ece0a9bf2196a40f090aa6a195f95bc720cecde3f5

  • SHA512

    19844c6cf98cb9ae7d5702c816dfb3662a09f0f45bfeb529e73e6ee6938a35a41efe5513b93e5857913d032e8200df323f2f348d89398b159e52ddc92a7c46e7

  • SSDEEP

    98304:KNiDPHBiP2wQmHZ/7aw8ZyYtPhrgJDh9HrAXlF4BTmYIR2wAupWOYWMwJpfyHvrQ:KSH0PPaHhXramlFSSYIkwAuplYWMw/6s

Score
10/10
upxblankgrabber

Malware Config

Signatures

  • A stealer written in Python and packaged with Pyinstaller 1 IoCs
  • Blankgrabber family
    blankgrabber
  • Patched UPX-packed file 1 IoCs

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • Soul_stealer-main.zip
    .zip
  • Soul_stealer-main/README.md
  • Soul_stealer-main/Soul Stealer/Builder.bat
    .exe windows:5 windows x86 arch:x86

    9222d372923baed7aa9dfa28449a94ea


    Headers

    Imports

    Sections

  • �`*0X}~.pyc
  • Soul_stealer-main/Soul Stealer/Components/BlankOBF.py
  • Soul_stealer-main/Soul Stealer/Components/cert
  • Soul_stealer-main/Soul Stealer/Components/config.json
  • Soul_stealer-main/Soul Stealer/Components/loader.py
  • Soul_stealer-main/Soul Stealer/Components/postprocess.py
  • Soul_stealer-main/Soul Stealer/Components/process.py
  • Soul_stealer-main/Soul Stealer/Components/rar.exe
    .exe windows:5 windows x64 arch:x64

    9a33888e10929c185d02249d2b55c15a


    Code Sign

    Headers

    Imports

    Sections

  • Soul_stealer-main/Soul Stealer/Components/rarreg.key
  • Soul_stealer-main/Soul Stealer/Components/requirements.txt
  • Soul_stealer-main/Soul Stealer/Components/run.bat
    .bat .vbs
  • Soul_stealer-main/Soul Stealer/Components/sigthief.py
    .py .sh linux
  • Soul_stealer-main/Soul Stealer/Components/stub.py
  • Soul_stealer-main/Soul Stealer/Components/upx.exe
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x64 arch:x64


    Headers

    Sections

  • Soul_stealer-main/Soul Stealer/Components/version.txt
  • Soul_stealer-main/Soul Stealer/Extras/hash
  • Soul_stealer-main/Soul Stealer/Extras/icon.ico
  • Soul_stealer-main/Soul Stealer/Extras/unblock_sites.py
  • Soul_stealer-main/Soul Stealer/READme.txt
  • Soul_stealer-main/Soul Stealer/config.json
  • Soul_stealer-main/Soul Stealer/gui.py