General
-
Target
build.exe
-
Size
1.6MB
-
Sample
240922-y6fnyawbmg
-
MD5
3923d76c1bdc19346db7ef3ce7ecf39d
-
SHA1
209e93526f1eed8b0a33ed1cf62bd9f6c8ef04e7
-
SHA256
434b24ee97a727982a127dbf28d5b3b938e8589e69d92f57ffb5ed4cdf51b305
-
SHA512
8b0cc22caa18b1a01f8e3d86323965f4db051654e8dcea9ee49edc7a3fdf0f12e5a53c53d5686b49988d13be437dcb82707010b171b01262903a7bbd09d4ff1d
-
SSDEEP
24576:si2Q9NXw2/wPOjdGxY2rJxkqjVnlqud+/2P+A+ZecdyFoBkkAqmZywp0/:DTq24GjdGSiJxkqXfd+/9AqYanCLp
Behavioral task
behavioral1
Sample
build.exe
Resource
win11-20240802-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1287506826279129221/xtmBrxjVwk8CNmFFCmP-CL8-wWbVTomW26j6YFaob_78SA4yDnROH_sKo1BzgFFsDc6e
Targets
-
-
Target
build.exe
-
Size
1.6MB
-
MD5
3923d76c1bdc19346db7ef3ce7ecf39d
-
SHA1
209e93526f1eed8b0a33ed1cf62bd9f6c8ef04e7
-
SHA256
434b24ee97a727982a127dbf28d5b3b938e8589e69d92f57ffb5ed4cdf51b305
-
SHA512
8b0cc22caa18b1a01f8e3d86323965f4db051654e8dcea9ee49edc7a3fdf0f12e5a53c53d5686b49988d13be437dcb82707010b171b01262903a7bbd09d4ff1d
-
SSDEEP
24576:si2Q9NXw2/wPOjdGxY2rJxkqjVnlqud+/2P+A+ZecdyFoBkkAqmZywp0/:DTq24GjdGSiJxkqXfd+/9AqYanCLp
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1