General

  • Target

    WaveWindowsCracked.exe

  • Size

    1.6MB

  • Sample

    240826-nhc8ss1bnc

  • MD5

    1558c711774126500c3e278933d0a2bb

  • SHA1

    168421e0fb742b2ae1e70130deeb65d18f88d02b

  • SHA256

    965fd8dd7b3be89609936161d673541efcad2eb709ad37016ce37efbd72b054d

  • SHA512

    6648801c431900e7deecc18ae997abdac293588248b9e64c5d8d50bfcfded0f5e4568e2592371d7b4ce7da7cf8399d761514e921a3bf7a35a812c429957976f7

  • SSDEEP

    49152:bkTq24GjdGSiqkqXfd+/9AqYanieKds+:b1EjdGSiqkqXf0FLYW

Malware Config

Extracted

Family

stealerium

C2

https://discord.com/api/webhooks/1271851698473930752/0-NTtGyFGq1KkS0Bx3EmIVoBssXyqkg8GNp3zAN60XhQPY1LrLFrHs-zkIKSmQ0DtmDS

Targets

    • Target

      WaveWindowsCracked.exe

    • Stealerium

      An open source info stealer written in C# first seen in May 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Legitimate hosting services abused for malware hosting/C2
