General
Target: Tools.exe
Size: 17.8MB
Sample: 241119-ml2vwsvfrj
MD5: 6f9a824001b0124db66f808ecab25cbd
SHA1: 539b08d754fc3eb100ac189c9ae4ac100fd0ed0c
SHA256: a868724002d7af3c0ed880a3b56f2256d4c60d4bcd61bd5607b894aa72b51423
SHA512: 0c6371b0e5749f3c029eb89fa94c1751a9b1f552654df2e2acb595b513dfadff2875dbc5f40bf268f682387a0c62514b90f5705d7110b3d07853bd4a978ca1c4
SSDEEP: 393216:VEVCNjvwNIJfa86uq97Nw3qi6LjwrtOquHNb5uXdKDL+i:CVCNrSIQ86p9ia/MtjuHx8Xkqi
Static task: static1
Behavioral task: behavioral1 (Sample: Tools.exe, Resource: win10ltsc2021-20241023-en)
Behavioral task: behavioral2 (Sample: Tools.exe, Resource: win11-20241023-en)
Malware Config
Targets
-
-
Target
Tools.exe
-
ElysiumStealer
ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.
-
ElysiumStealer Support DLL
-
Elysiumstealer family
-
Event Triggered Execution: Image File Execution Options Injection
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-