Overview

overview

10

Static

static

3

stellar.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    stellar.exe

  • Size

    1.4MB

  • Sample

    241008-r5f5ra1grj

  • MD5

    54d5b00ea9a965086f9cd624cdaaf5a4

  • SHA1

    b94f1e2165d24f1aa14d70e7255d0ee6ad259345

  • SHA256

    3f314bd4943b7826f304e2b1af1afb4969754fd6ab48b33c95dad076cc06c067

  • SHA512

    aeadfa9bcc28bc5c23bcadc6d25ec81ce2ce92201ca71565ce0146bb4cf1cde963c68cfd6bd22c688d79cbc57c27f4ae2175046671e96851a9130405760c5993

  • SSDEEP

    24576:RDwCKsRIdB3tN8HZwh/rqjx5MguVgZQ9nXvsB0eTmWd+sYwaH:pwvsRQxtKarqrMgAnXdt

Score
10/10
cryptolockerdefense_evasiondiscoverypersistenceransomware

Malware Config

Targets

    • Target

      stellar.exe

    • Size

      1.4MB

    • MD5

      54d5b00ea9a965086f9cd624cdaaf5a4

    • SHA1

      b94f1e2165d24f1aa14d70e7255d0ee6ad259345

    • SHA256

      3f314bd4943b7826f304e2b1af1afb4969754fd6ab48b33c95dad076cc06c067

    • SHA512

      aeadfa9bcc28bc5c23bcadc6d25ec81ce2ce92201ca71565ce0146bb4cf1cde963c68cfd6bd22c688d79cbc57c27f4ae2175046671e96851a9130405760c5993

    • SSDEEP

      24576:RDwCKsRIdB3tN8HZwh/rqjx5MguVgZQ9nXvsB0eTmWd+sYwaH:pwvsRQxtKarqrMgAnXdt

    Score
    10/10
    cryptolockerdefense_evasiondiscoverypersistenceransomware

    • CryptoLocker

      Ransomware family with multiple variants.

      ransomwarecryptolocker

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks