stealerium | b8c74e7e86e542c6ce85dd268694a3f3be347d223eb2a2c34d64c8221d5cd3b8 | Triage

Sharing

General

Target

b8c74e7e86e542c6ce85dd268694a3f3be347d223eb2a2c34d64c8221d5cd3b8N
Size

3.5MB
Sample

241009-11hmfsvgln
MD5

f425cff35d35fff3619237dea3ab4890
SHA1

bb6a3027605a785f83801c7c0a669096bca48e07
SHA256

b8c74e7e86e542c6ce85dd268694a3f3be347d223eb2a2c34d64c8221d5cd3b8
SHA512

529d8986118026ae2b4b8b0c1b0bc7943cf361be441db31ac2fc57035ede5861c4f1f0d703fa429ca4dbea21f5056f4a68382139add159707423c87f1f481911
SSDEEP

98304:zff4bJMxiM8aBP3D5uxmfQEvja3l0uhpo7rdnv0rhbyY60:GmiM8aLamhrRvdYm

Score

10^/10

stealerium stealer

Malware Config

Extracted

Family

stealerium

C2

https://discord.com/api/webhooks/1289898054861721610/UQWcUikhzoeSP3g5t4FGwPRX_m_qZGaFt1VvM7K3CUCEu3TaOhBCLZYSdh-IW9pcU4U1

Targets

- Target
  
  b8c74e7e86e542c6ce85dd268694a3f3be347d223eb2a2c34d64c8221d5cd3b8N
- Size
  
  3.5MB
- MD5
  
  f425cff35d35fff3619237dea3ab4890
- SHA1
  
  bb6a3027605a785f83801c7c0a669096bca48e07
- SHA256
  
  b8c74e7e86e542c6ce85dd268694a3f3be347d223eb2a2c34d64c8221d5cd3b8
- SHA512
  
  529d8986118026ae2b4b8b0c1b0bc7943cf361be441db31ac2fc57035ede5861c4f1f0d703fa429ca4dbea21f5056f4a68382139add159707423c87f1f481911
- SSDEEP
  
  98304:zff4bJMxiM8aBP3D5uxmfQEvja3l0uhpo7rdnv0rhbyY60:GmiM8aLamhrRvdYm
Score

10^/10

stealerium stealer
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

stealeriumstealer

behavioral2

stealeriumstealer