stealerium

Sharing

Copy URL Twitter E-mail

General

Target

Stealerium.zip
Size

2.8MB
Sample

240830-r4sgdszhjl
MD5

c956487c81dc16555e9232408efbe44d
SHA1

9272088c2dc913b3c6e779a091755b07e7fa3050
SHA256

49d8c623abc37dff7af7d7ea15fa66b27504f166b5bf7a2d486c41ce7923a722
SHA512

1d1f77372991544e502bf6076a2e5c9cea0d80e2afc00a0f4efe97ebf9b74bb18e1b52b3ec02dd3de441fe3114dd3aa15f21fc421ddf93204571acd7b56af64c
SSDEEP

49152:TLJVKzIWdYcV84L/iexLO3eVKxR96nmWbVdXVPYiuX7lT6wxkyq1Pdr+1DUeYrxR:TLJA1dbF8ussn1Vd9YBbxkyq1PF4UPR

Score

10^/10

Malware Config

Targets

- Target
  
  Builder.deps.json
- Size
  
  5KB
- MD5
  
  d41bff259e1ebb625fc788fa681377ad
- SHA1
  
  b5c8b7725d6f885db30e9237682abfec72aa65be
- SHA256
  
  d6a04809c3737f76818082a2caf9b80ac7f0e14bc73b2fabdea2df46d9e25a52
- SHA512
  
  8aaed8b1b2e40c5a631753789fcf34dadf95a4aab29f852a98ecb3dc30dc5c1df11d69081fb17282c78e0310e65567ab7339bc58efba6fc7b6f729f31fc040e3
- SSDEEP
  
  48:nC00u5rEsIXhpXhNXh3JX178dOmuOWhTV7H+qLSYHByD3cHIco3aHEg3HwHf1LHL:YuNEHx7HLSYgD3cIKkQQcsB1vd
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Builder.dll
- Size
  
  216KB
- MD5
  
  41dd506cd0525197e69d9c8592aed2a7
- SHA1
  
  5d04b134c8f1800fbcd664898d34dee8d10d8fa8
- SHA256
  
  dcd0162524ce4ae11f5c5e9b496e35ce6a096e5dea8e63b45fa835069737f87c
- SHA512
  
  16ba073d871eb9a244b8e733c101e9fec98699d881440e0dfa661e9f331fda0789f232e4abd70dcff3649a5428049590461da83ab7f0078e3ed9c7fc2fbfb28b
- SSDEEP
  
  6144:Klx3eDAIbr0K3xybL1tAj4PhFqFVfrRbP:Klx3mbr0P1tAj4P6r9
Score

1^/10
behavioral3 behavioral4
- Target
  
  Builder.exe
- Size
  
  146KB
- MD5
  
  6c898b9e5467f6d3442a579b7856bdaf
- SHA1
  
  9522f2f219deaf4bb52262c2a5d23393037ec35f
- SHA256
  
  8bf6beb962bf051de009059554aa265012342bd6ec841abd2aa94ba1335a333f
- SHA512
  
  df35d776b2df079a9440ac1b0435e0fe9e4f1c17ee0790b1057ede8f146d90889c1fe727cd5112b27b2f4e96903c83f8ef7d61bc359aa762b708d17ad7676c41
- SSDEEP
  
  3072:Iczkitvo4BpYN/6mBPry8TXROLdW5m4mURQ9OOGJ0kj:IA4NCmBPry/N2cOOI
Score

1^/10
behavioral5 behavioral6
- Target
  
  Builder.pdb
- Size
  
  14KB
- MD5
  
  76d1e4255ca2b642bceea0d1fb5dee22
- SHA1
  
  9b704b1463159896d3294fae21ee3ac91795c9a1
- SHA256
  
  7091aae963e00fcc11461cbcd53f46a4a004f748ede5defc82724811a8879800
- SHA512
  
  ca0d6aa9352e6a2f85f208464ad8030f5576d82cefabc093bdb1a2c47e18d3bf1679ae369f3e7f0906d8b350fc8a878f0f2e62f0b3064a7d89cb7b4c56b2feb5
- SSDEEP
  
  384:MMtVmNTLyD5ayqNCXNLJ4R2TDO7YSUdIKHLfzsAPWW0tSucUZ6:JtI75c
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Builder.runtimeconfig.json
- Size
  
  253B
- MD5
  
  24e4653829de1022d01cd7ddd26e2f22
- SHA1
  
  9160a009cb381e044ba4c63e4435da6bfeb9dc6d
- SHA256
  
  ded3aeb5856a11db0b654a785574490cab55839ebfb17efe9e39b89618fc5b91
- SHA512
  
  efd4bbba1baec0b47003831510e3aa539db9ef468e0f06ba9d7ba6d0b3800035f7c818d7d90171bfd377ec97d08c4617555bcff635dd83efceb412b1a9cca820
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Mono.Cecil.Mdb.dll
- Size
  
  38KB
- MD5
  
  0c2d7a3d146e193d7b8e50f0fe398568
- SHA1
  
  bf0a6ab31388eab1ffd3cd87fae62b45e90cba24
- SHA256
  
  2bda97fc302904bf235d631e698a0c81324872dfad2a38e63ef66389155bfcf4
- SHA512
  
  5fdc45ae536955e6f66970b35008ce15c5c5624d0b31bd41c79d6548d0d1b950042f51fe7dbbbc33a6256f90f5db23bf0070abe24502a050505be66f086d6df0
- SSDEEP
  
  768:ArF3HuZyOt78PeWSTkazhOOgfGNOV/pVxPRpaCCrHpTFuzL4oWB:ArFecOt78PeWC8OgfGkVh6pTcL4oWB
Score

1^/10
behavioral11 behavioral12
- Target
  
  Mono.Cecil.Pdb.dll
- Size
  
  87KB
- MD5
  
  625ce2e8be214194a161fe80e6eca7d0
- SHA1
  
  58944e03ee249618e9440545623c4545777377f7
- SHA256
  
  333397769114ffd13046a25b9cfffd41c44a3450ea9ea1fd13b76eec28e1a815
- SHA512
  
  c324ea36e4a89a6052f685e4f96527323ab6f4eea4f4c70c71f08a84df2d46332d91c3f289463502887d9b098dc6e69036c322630b770531927d5329873b250f
- SSDEEP
  
  1536:mffXkeOyX+6C5S6R7nQSALYKXNgJGsZaBcLevjCXeo:ao5S6R7nNArWJGPBEeveXeo
Score

1^/10
behavioral13 behavioral14
- Target
  
  Mono.Cecil.Rocks.dll
- Size
  
  26KB
- MD5
  
  6fc634673b94c7ddde6e2ba277f7e7c7
- SHA1
  
  f29feb86a8595d104b3b1b4be809f6e9fbc8f042
- SHA256
  
  a6d3e6eab8d89dbd6fcf34268a08a6544ea142b6bcc5f665bee62317786b7892
- SHA512
  
  51f4782d7a8e2b3ffbb8fedddcfe85379e5adc499a2fd55c29e29628ca9519c33a33daf806eb3b8d01cfc10c964c1cd2558152c000c7ed2a8584f36c58f31c51
- SSDEEP
  
  768:tkU1iy+QMBCocUuk0ThROoUheLXG99gmIt:tkUCCo/KjOoUhpg
Score

1^/10
behavioral15 behavioral16
- Target
  
  Mono.Cecil.dll
- Size
  
  351KB
- MD5
  
  6d8d43c5d7dbe36ec01ff8b951cf1e0a
- SHA1
  
  d6b8214419870770e1ce398ca06a6a9f0e9e62a3
- SHA256
  
  9c2908709da6761e9b5b9d4d46102d65851145bac987787d6c5a05ffe5689487
- SHA512
  
  221955b05d83513fadcb79721c96fd467ea871cfa401b279dc8ade426c88df4cadc884dae7a9c418c1012af202263f31ce8b63ca919e1f725eb7c7e8008c3a57
- SSDEEP
  
  6144:eCDxMlG40kOSV1L6RWDv2F2AEJHwBI+aB:rG1J1LQFLE0I+
Score

1^/10
behavioral17 behavioral18
- Target
  
  SixLabors.ImageSharp.dll
- Size
  
  1.7MB
- MD5
  
  523dced95fcb0120698fc194b159a5cd
- SHA1
  
  9f6e4c7269caaf2e09b6961551102b1ec16e60a0
- SHA256
  
  0d19e3bc90153b7d0360360422355daa569209180dd1e4337f2431148d1d7219
- SHA512
  
  325c9c3a316852ea6156a07317a64e369048dc7cfea21e9ea87f8723cf37515f0dfc0a31ab3bf07155ea27938d426c9832c1fcba1ab6c96573cc44eacfa05255
- SSDEEP
  
  24576:3ruzK1lGe+34AbXwX8WcaMX07Bpu39DhpsRalM9FHBjDkck3IegDkspo4fVz:3oo6WcaMX0zYUkY
Score

1^/10
behavioral19 behavioral20
- Target
  
  Spectre.Console.ImageSharp.dll
- Size
  
  16KB
- MD5
  
  099edbe28aaacada8a7a12a414a1d68b
- SHA1
  
  0cc1b8ed4448f4c7246dc859a6359fda20c2d927
- SHA256
  
  52fef316879f90a3897ec33b8a6ca955bd720c8fe53b4479be01b70fcb7d26ee
- SHA512
  
  07995720bc9e5d3b253b5cbe3f2700978950a81819d5064c25fbb6fe860c1cd1b32379136a390ab85f4612d82d4b256ba2d8c46cccdf9de04aab16135c2d6fe5
- SSDEEP
  
  192:SZPAaThmPOaYDr59CUkZNd2AFSm8gCHWjPWfNx6CzOiUYvj4WLwTMVGqy5L5BR5/:iPAaWhq2PX2B1gC2KD6lY8WETKEX
Score

1^/10
behavioral21 behavioral22
- Target
  
  Spectre.Console.dll
- Size
  
  693KB
- MD5
  
  46684228e7c345a3368e8a475ec573b7
- SHA1
  
  aef278fbd7b3f6a65227c7b6b64eb6d88f6cc433
- SHA256
  
  b9617847d85b8efe32d07c4c28f1d16cadd4bfe45a09fd1e24eb82505f913257
- SHA512
  
  ce3ca4c8250bca3e97713d4047d0d874b3b6430014fbc3078b34a9f701a9eaa4b5e990ff99864c19b41eba1dfad74e0f6f1a464bef7b3d5ad825dfcb91b3da31
- SSDEEP
  
  12288:YqVvbKRNvezf2ZOIyY37mkrGpmiv+Y66i7oE4z6kX:nURNvU+SkUQ6icEl
Score

1^/10
behavioral23 behavioral24
- Target
  
  Stub/stub.exe
- Size
  
  1.6MB
- MD5
  
  6627adf7167ee571e8fd6c8b1a0e8ae3
- SHA1
  
  03b9112660ee73c59d84e219f15bf24ae9df48db
- SHA256
  
  6c5935bcddaa1d4f809487f66db758e892cc0a7fd7704d138904bc879644ea1f
- SHA512
  
  e05896a6e0d09d4dafeb2467395ca06ae1e728a4aa079041dea82940caeb71646984604fdeea482748423b10257b8462db4f573682f9f719939143fdb5691c60
- SSDEEP
  
  49152:19Tq24GjdGSiqkqXfd+/9AqYanieKd0U:1YEjdGSiqkqXf0FLYW
Score

10^/10

discovery stealerium stealer
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26