Overview

overview

3

Static

static

3

Desktop St...er.exe

windows7-x64

1

Desktop St...er.exe

windows10-2004-x64

1

Desktop St...40.dll

windows7-x64

1

Desktop St...40.dll

windows10-2004-x64

1

Desktop St...64.dll

windows7-x64

1

Desktop St...64.dll

windows10-2004-x64

1

Desktop St...z2.dll

windows7-x64

1

Desktop St...z2.dll

windows10-2004-x64

1

Desktop St...64.dll

windows7-x64

1

Desktop St...64.dll

windows10-2004-x64

1

Desktop St...al.dll

windows7-x64

1

Desktop St...al.dll

windows10-2004-x64

1

Desktop St...ib.dll

windows7-x64

1

Desktop St...ib.dll

windows10-2004-x64

1

Desktop St...ma.dll

windows7-x64

1

Desktop St...ma.dll

windows10-2004-x64

1

Desktop St...ue.dll

windows7-x64

1

Desktop St...ue.dll

windows10-2004-x64

1

Desktop St...sl.dll

windows7-x64

1

Desktop St...sl.dll

windows10-2004-x64

1

Desktop St...mi.dll

windows7-x64

1

Desktop St...mi.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Desktop St...-0.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Desktop_Stealer.rar

  • Size

    11.6MB

  • Sample

    240808-3jb5fssdjk

  • MD5

    774e20f90fe97b1099e582c1d43d2cbd

  • SHA1

    fbfc2bc992dd6543b4dc91325232643874d05a4e

  • SHA256

    10b82b91030c8d5ccb301df032590e9e49d7070e7fb16904bf9b81a8b09d7ccf

  • SHA512

    be426fa95d5302df15c43d338839e06153b04f184cdba1446a0bfb087669e13ca8a7bbfabe6e0002901f386b058cfa507baca8f7172f33aab208a9108c6e11ae

  • SSDEEP

    196608:V3tWivvk3SOaqw3pSBPfgnWNeVsO8U6BhWaw1dmtrMfJ+4xS6TcJTL:D9vtOaqwFW4tH6BhWPYtet1ToL

Score
3/10
pyinstaller

Malware Config

Targets

    • Target

      Desktop Stealer/Desktop Stealer.exe

    • Size

      2.5MB

    • MD5

      7c636050f7ff5515ab60addc4b753f30

    • SHA1

      ab018562d7b55647abba06bbf2a854c4fa1eb792

    • SHA256

      69ae987bc3cc0f01f74f8aff58829cac887da5d26ad1fee36ef1b86faed499c2

    • SHA512

      bb24ce94e240afc7d8966bd8df59b6a765b49853eff5b8b25d7a7285458a3a19310dcfaa22b284ef52122c26d3024fb772e22062dfab85dd99646a1b1d9f5472

    • SSDEEP

      49152:9MsPqAtV+GicY99/jLIRy6JyoHk9OErU+lCzKNdPXJNF8eLgJZrfml2IRQ21C:6sCmi9V/CymFHk9OIU+lSK7JND0rr+R1

    Score
    1/10
    behavioral1behavioral2

    • Target

      Desktop Stealer/_internal/VCRUNTIME140.dll

    • Size

      116KB

    • MD5

      be8dbe2dc77ebe7f88f910c61aec691a

    • SHA1

      a19f08bb2b1c1de5bb61daf9f2304531321e0e40

    • SHA256

      4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83

    • SHA512

      0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655

    • SSDEEP

      1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho

    Score
    1/10
    behavioral3behavioral4

    • Target

      Desktop Stealer/_internal/_brotli.cp312-win_amd64.pyd

    • Size

      802KB

    • MD5

      9ad5bb6f92ee2cfd29dde8dd4da99eb7

    • SHA1

      30a8309938c501b336fd3947de46c03f1bb19dc8

    • SHA256

      788acbfd0edd6ca3ef3e97a9487eeaea86515642c71cb11bbcf25721e6573ec8

    • SHA512

      a166abcb834d6c9d6b25807adddd25775d81e2951e1bc3e9849d8ae868dedf2e1ee1b6b4b288ddfbd88a63a6fa624e2d6090aa71ded9b90c2d8cbf2d9524fdbf

    • SSDEEP

      12288:wA0uu7wLKRemz/MfQuZ3ekAHhly782XTw05nmZfRJ:wfTdkAFtAmZfRJ

    Score
    1/10
    behavioral5behavioral6

    • Target

      Desktop Stealer/_internal/_bz2.pyd

    • Size

      82KB

    • MD5

      90f58f625a6655f80c35532a087a0319

    • SHA1

      d4a7834201bd796dc786b0eb923f8ec5d60f719b

    • SHA256

      bd8621fcc901fa1de3961d93184f61ea71068c436794af2a4449738ccf949946

    • SHA512

      b5bb1ecc195700ad7bea5b025503edd3770b1f845f9beee4b067235c4e63496d6e0b19bdd2a42a1b6591d1131a2dc9f627b2ae8036e294300bb6983ecd644dc8

    • SSDEEP

      1536:ES7z7Sj2u5ia5ifC83zYLzbCK8CkotIpCVF7SyTUxIS:/7z+jw3MzCNCkotIpCVF+

    Score
    1/10
    behavioral7behavioral8

    • Target

      Desktop Stealer/_internal/_cffi_backend.cp312-win_amd64.pyd

    • Size

      178KB

    • MD5

      0572b13646141d0b1a5718e35549577c

    • SHA1

      eeb40363c1f456c1c612d3c7e4923210eae4cdf7

    • SHA256

      d8a76d1e31bbd62a482dea9115fc1a109cb39af4cf6d1323409175f3c93113a7

    • SHA512

      67c28432ca8b389acc26e47eb8c4977fddd4af9214819f89df07fecbc8ed750d5f35807a1b195508dd1d77e2a7a9d7265049dcfbfe7665a7fd1ba45da1e4e842

    • SSDEEP

      3072:YRAMUp3K6YoDssyudy4VcRG+nR3hnW3mjwwOdkS9S7iSSTLkK/jftw3buz:Y6MyK65ssy+MG+LnSUwjD9zSSTLL/jl8

    Score
    1/10
    behavioral10behavioral9

    • Target

      Desktop Stealer/_internal/_decimal.pyd

    • Size

      247KB

    • MD5

      f78f9855d2a7ca940b6be51d68b80bf2

    • SHA1

      fd8af3dbd7b0ea3de2274517c74186cb7cd81a05

    • SHA256

      d4ae192bbd4627fc9487a2c1cd9869d1b461c20cfd338194e87f5cf882bbed12

    • SHA512

      6b68c434a6f8c436d890d3c1229d332bd878e5777c421799f84d79679e998b95d2d4a013b09f50c5de4c6a85fcceb796f3c486e36a10cbac509a0da8d8102b18

    • SSDEEP

      6144:kgd/2mZLgPFIY9qWM53pLW1AepppzoeteKU:JZLgPykeKU

    Score
    1/10
    behavioral11behavioral12

    • Target

      Desktop Stealer/_internal/_hashlib.pyd

    • Size

      64KB

    • MD5

      8baeb2bd6e52ba38f445ef71ef43a6b8

    • SHA1

      4132f9cd06343ef8b5b60dc8a62be049aa3270c2

    • SHA256

      6c50c9801a5caf0bb52b384f9a0d5a4aa182ca835f293a39e8999cf6edf2f087

    • SHA512

      804a4e19ea622646cea9e0f8c1e284b7f2d02f3620199fa6930dbdadc654fa137c1e12757f87c3a1a71ceff9244aa2f598ee70d345469ca32a0400563fe3aa65

    • SSDEEP

      1536:uElYij3wzR1lBafLEmIRhFIpOIi7SyHqxn:zYdBaTEmghFIpOIiu

    Score
    1/10
    behavioral13behavioral14

    • Target

      Desktop Stealer/_internal/_lzma.pyd

    • Size

      155KB

    • MD5

      cf8de1137f36141afd9ff7c52a3264ee

    • SHA1

      afde95a1d7a545d913387624ef48c60f23cf4a3f

    • SHA256

      22d10e2d6ad3e3ed3c49eb79ab69a81aaa9d16aeca7f948da2fe80877f106c16

    • SHA512

      821985ff5bc421bd16b2fa5f77f1f4bf8472d0d1564bc5768e4dbe866ec52865a98356bb3ef23a380058acd0a25cd5a40a1e0dae479f15863e48c4482c89a03f

    • SSDEEP

      3072:kEVLLSVeexIDteznfV9mNoNMuX4mZp7zuNtIpZ1uV:kEVHbeye9YON1buNN

    Score
    1/10
    behavioral15behavioral16

    • Target

      Desktop Stealer/_internal/_queue.pyd

    • Size

      31KB

    • MD5

      5aa4b057ba2331eed6b4b30f4b3e0d52

    • SHA1

      6b9db113c2882743984c3d8b70ec49fc4a136c23

    • SHA256

      d43dca0e00c3c11329b68177e967cf5240495c4786f5afa76ac4f267c3a5cdb9

    • SHA512

      aa5aa3285ea5c177eca055949c5f550dbd2d2699202a29efe2077213cbc95fff2a36d99eecce249ac04d95baf149b3d8c557a67fc39ead3229f0b329e83447b7

    • SSDEEP

      768:0k+Eq6rf65MoJ/MBIpQUh5YiSyv/AMxkEG:55fhoJEBIpQUP7SynxC

    Score
    1/10
    behavioral17behavioral18

    • Target

      Desktop Stealer/_internal/_ssl.pyd

    • Size

      173KB

    • MD5

      6774d6fb8b9e7025254148dc32c49f47

    • SHA1

      212e232da95ec8473eb0304cf89a5baf29020137

    • SHA256

      2b6f1b1ac47cb7878b62e8d6bb587052f86ca8145b05a261e855305b9ca3d36c

    • SHA512

      5d9247dce96599160045962af86fc9e5439f66a7e8d15d1d00726ec1b3b49d9dd172d667380d644d05cb18e45a5419c2594b4bcf5a16ea01542ae4d7d9a05c6e

    • SSDEEP

      3072:ECRW4ljuyKK8vZktW5NP6Xf9N54eNWXvM4VRJNI7IM/cbP7RHs3FJZtIpC7f6:EmfEyKKaZP6Xf92MSV+JZM

    Score
    1/10
    behavioral19behavioral20

    • Target

      Desktop Stealer/_internal/_wmi.pyd

    • Size

      35KB

    • MD5

      cb0564bc74258cb1320c606917ce5a71

    • SHA1

      5b2bfc0d997cc5b7d985bfadddbfc180cb01f7cf

    • SHA256

      0342916a60a7b39bbd5753d85e1c12a4d6f990499753d467018b21cefa49cf32

    • SHA512

      43f3afa9801fcf5574a30f4d3e7ae6aff65c7716462f9aba5bc8055887a44bf38fba121639d8b31427e738752fe3b085d1d924de2633f4c042433e1960023f38

    • SSDEEP

      768:6RxnHG7MYGQd0fmdzA77yeutIpCiq5YiSyvtGAMxkENy:6Rxnm7M6dKmdzA77yeutIpCio7SyCxZy

    Score
    1/10
    behavioral21behavioral22

    • Target

      Desktop Stealer/_internal/api-ms-win-core-console-l1-1-0.dll

    • Size

      21KB

    • MD5

      40ba4a99bf4911a3bca41f5e3412291f

    • SHA1

      c9a0e81eb698a419169d462bcd04d96eaa21d278

    • SHA256

      af0e561bb3b2a13aa5ca9dfc9bc53c852bad85075261af6ef6825e19e71483a6

    • SHA512

      f11b98ff588c2e8a88fdd61d267aa46dc5240d8e6e2bfeea174231eda3affc90b991ff9aae80f7cea412afc54092de5857159569496d47026f8833757c455c23

    • SSDEEP

      192:HFOhEWhhW9DWGxVA6VWQ4iW7rd9ZnAOVX01k9z3AAcodV:HFdWhhWhxdm31AqR9z7BV

    Score
    1/10
    behavioral23

    • Target

      Desktop Stealer/_internal/api-ms-win-core-datetime-l1-1-0.dll

    • Size

      21KB

    • MD5

      c5e3e5df803c9a6d906f3859355298e1

    • SHA1

      0ecd85619ee5ce0a47ff840652a7c7ef33e73cf4

    • SHA256

      956773a969a6213f4685c21702b9ed5bd984e063cf8188acbb6d55b1d6ccbd4e

    • SHA512

      deedef8eaac9089f0004b6814862371b276fbcc8df45ba7f87324b2354710050d22382c601ef8b4e2c5a26c8318203e589aa4caf05eb2e80e9e8c87fd863dfc9

    • SSDEEP

      192:LWhhW8R9WvkJ0f5AbVWQ4mWC7ZNKd2kQX01k9z3Ad4+BhNKD:LWhhWgaab/NNPR9zw4fD

    Score
    1/10
    behavioral24

    • Target

      Desktop Stealer/_internal/api-ms-win-core-debug-l1-1-0.dll

    • Size

      21KB

    • MD5

      71f1d24c7659171eafef4774e5623113

    • SHA1

      8712556b19ed9f80b9d4b6687decfeb671ad3bfe

    • SHA256

      c45034620a5bb4a16e7dd0aff235cc695a5516a4194f4fec608b89eabd63eeef

    • SHA512

      0a14c03365adb96a0ad539f8e8d8333c042668046cea63c0d11c75be0a228646ea5b3fbd6719c29580b8baaeb7a28dc027af3de10082c07e089cdda43d5c467a

    • SSDEEP

      192:9WhhW1WGxVA6VWQ4cRWAAuENQlO8X01k9z3AenFbvrJ:9WhhWhxdleuEKlO8R9zhFHJ

    Score
    1/10
    behavioral25

    • Target

      Desktop Stealer/_internal/api-ms-win-core-errorhandling-l1-1-0.dll

    • Size

      21KB

    • MD5

      f1534c43c775d2cceb86f03df4a5657d

    • SHA1

      9ed81e2ad243965e1090523b0c915e1d1d34b9e1

    • SHA256

      6e6bfdc656f0cf22fabba1a25a42b46120b1833d846f2008952fe39fe4e57ab2

    • SHA512

      62919d33c7225b7b7f97faf4a59791f417037704eb970cb1cb8c50610e6b2e86052480cdba771e4fad9d06454c955f83ddb4aea2a057725385460617b48f86a7

    • SSDEEP

      192:IzmxD3T4qbWhhWNc5WvkJ0f5AbVWQ4OWXIH52mvp13s5yX01k9z3A3MNL3:IzQNWhhWNchaabdHMmfcYR9zEMNr

    Score
    1/10
    behavioral26

    • Target

      Desktop Stealer/_internal/api-ms-win-core-file-l1-1-0.dll

    • Size

      25KB

    • MD5

      ea00855213f278d9804105e5045e2882

    • SHA1

      07c6141e993b21c4aa27a6c2048ba0cff4a75793

    • SHA256

      f2f74a801f05ab014d514f0f1d0b3da50396e6506196d8beccc484cd969621a6

    • SHA512

      b23b78b7bd4138bb213b9a33120854249308bb2cf0d136676174c3d61852a0ac362271a24955939f04813cc228cd75b3e62210382a33444165c6e20b5e0a7f24

    • SSDEEP

      192:xaNYPvVX8rFTsiWhhWWnWGxVA6VWQ4cRWtlAd9ZnAOVX01k9z3AAcosm6:nPvVXkWhhWQxdlP31AqR9z76

    Score
    1/10
    behavioral27

    • Target

      Desktop Stealer/_internal/api-ms-win-core-file-l1-2-0.dll

    • Size

      21KB

    • MD5

      bcb8b9f6606d4094270b6d9b2ed92139

    • SHA1

      bd55e985db649eadcb444857beed397362a2ba7b

    • SHA256

      fa18d63a117153e2ace5400ed89b0806e96f0627d9db935906be9294a3038118

    • SHA512

      869b2b38fd528b033b3ec17a4144d818e42242b83d7be48e2e6da6992111758b302f48f52e0dd76becb526a90a2b040ce143c6d4f0e009a513017f06b9a8f2b9

    • SSDEEP

      192:4TGaWhhWMWvkJ0f5AbVWQ4cRWhW9qUd9ZnAOVX01k9z3AAcoXXcX:4qaWhhWIaablbR31AqR9z77MX

    Score
    1/10
    behavioral28

    • Target

      Desktop Stealer/_internal/api-ms-win-core-file-l2-1-0.dll

    • Size

      18KB

    • MD5

      bfffa7117fd9b1622c66d949bac3f1d7

    • SHA1

      402b7b8f8dcfd321b1d12fc85a1ee5137a5569b2

    • SHA256

      1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e

    • SHA512

      b319cc7b436b1be165cdf6ffcab8a87fe29de78f7e0b14c8f562be160481fb5483289bd5956fdc1d8660da7a3f86d8eede35c6cc2b7c3d4c852decf4b2dcdb7f

    • SSDEEP

      384:eVrW1hWbvm0GftpBjzH4m3S9gTlUK3dsl:eVuAViaB/6sl

    Score
    1/10
    behavioral29

    • Target

      Desktop Stealer/_internal/api-ms-win-core-handle-l1-1-0.dll

    • Size

      21KB

    • MD5

      d584c1e0f0a0b568fce0efd728255515

    • SHA1

      2e5ce6d4655c391f2b2f24fc207fdf0e6cd0cc2a

    • SHA256

      3de40a35254e3e0e0c6db162155d5e79768a6664b33466bf603516f3743efb18

    • SHA512

      c7d1489bf81e552c022493bb5a3cd95ccc81dbedaaa8fdc0048cacbd087913f90b366eeb4bf72bf4a56923541d978b80d7691d96dbbc845625f102c271072c42

    • SSDEEP

      192:9jWhhWmWGxVA6VWQ4cRWMj656CqRqNX01k9z3A8oXblIHNQ:9jWhhWSxdlE5DNR9zrG6Ha

    Score
    1/10
    behavioral30

    • Target

      Desktop Stealer/_internal/api-ms-win-core-heap-l1-1-0.dll

    • Size

      21KB

    • MD5

      6168023bdb7a9ddc69042beecadbe811

    • SHA1

      54ee35abae5173f7dc6dafc143ae329e79ec4b70

    • SHA256

      4ea8399debe9d3ae00559d82bc99e4e26f310934d3fd1d1f61177342cf526062

    • SHA512

      f1016797f42403bb204d4b15d75d25091c5a0ab8389061420e1e126d2214190a08f02e2862a2ae564770397e677b5bcdd2779ab948e6a3e639aa77b94d0b3f6c

    • SSDEEP

      192:bdxlxWhhWWWvkJ0f5AbVWQ4cRWKmX56CqRqNX01k9z3A8oXjl:bdxlxWhhW2aablm5DNR9zrG

    Score
    1/10
    behavioral31

    • Target

      Desktop Stealer/_internal/api-ms-win-core-interlocked-l1-1-0.dll

    • Size

      21KB

    • MD5

      4f631924e3f102301dac36b514be7666

    • SHA1

      b3740a0acdaf3fba60505a135b903e88acb48279

    • SHA256

      e2406077621dce39984da779f4d436c534a31c5e863db1f65de5939d962157af

    • SHA512

      56f9fb629675525cbe84a29d44105b9587a9359663085b62f3fbe3eea66451da829b1b6f888606bc79754b6b814ca4a1b215f04f301efe4db0d969187d6f76f1

    • SSDEEP

      192:r4WhhWWsWvkJ0f5AbVWQ4cRWsQOZD2X01k9z3AG2hqvz:0WhhWRaablKZR9zVQM

    Score
    1/10
    behavioral32

MITRE ATT&CK Matrix

Tasks