Extracted

• • Target

    806b5f2d3b422d192f787a6eb96d0614c943fafb2c2ea53d4917ad123ddf2551

  • Size

    3.8MB

  • MD5

    1c25367e4c2492ebf34728546f96789e

  • SHA1

    7ee66552ce8fab8f137e1e67dcd6f79355d78b1e

  • SHA256

    806b5f2d3b422d192f787a6eb96d0614c943fafb2c2ea53d4917ad123ddf2551

  • SHA512

    7f20b8df12f0bee55eda4d1a8ba00a234ebfb37aff83e7b4ab38186c3947f696f5ccf643d03d9e8103b2880b5f190fb465df4b099d37d6385d66dae81baec945

  • SSDEEP

    98304:3PbP5nCK3zBS0g4BchdDh9QWAomJbbbayyxFRPAB:3PbdvB+KkhMxJe/FlAB

  Score

  10^/10

  stealeriumdiscoverystealer

  • Stealerium

    An open source info stealer written in C# first seen in May 2022.

    stealerstealerium

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2