Resubmissions

04-02-2025 15:52

250204-ta6g9szrg1 10

04-02-2025 15:27

250204-svsaps1rcr 10

General

  • Target

    Pdf Reader.exe

  • Size

    73KB

  • Sample

    250204-svsaps1rcr

  • MD5

    9d347d5ac998a89f78ba00e74b951f55

  • SHA1

    73df3d5c8388a4d6693cbb24f719dba8833c9157

  • SHA256

    2ea5686422bd8fb6eda542e9a96588f9deb1c97c45f3cb7d3b21ac4da540b57c

  • SHA512

    3db7421aa98e8e108bf982048dda7e0f09428c6498cf5f9f56ef499fb2fafc5deabde8ecb99e1fdd570d54ae9c0533b7502de5848c9e772708cf75509d0c9d9e

  • SSDEEP

    384:ytBuEejMVr2gy0mK1SvySYS4SRmbESgSNSsiKjHxqD4fpBSIxoI2AAgz:y+EjXQL6SYS4SRmbESgSNSsiQJxBSQH

Malware Config

Extracted

Family

stealerium

C2

https://api.telegram.org/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM/sendMessage?chat_id=-4224073938
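The extracted C2 is a Telegram Bot API endpoint, so the pivotable indicators are the bot id, the full bot token and the destination chat_id rather than a host or IP. The script below is an added example, not code from the sandbox report or from Stealerium: it splits that URL into those fields and then runs a simple hunt over proxy log lines, flagging any request that reuses the extracted token and any other Bot API data-push call from a process that is not on an allowlist. The log lines, the `proc=` field layout and the allowlist are constructed for the example.

```python
"""Added example (not from the sandbox report or Stealerium): pivot on the
Telegram Bot API C2 URL and hunt for it in constructed proxy log lines."""
import re
from urllib.parse import parse_qs, urlsplit

# C2 URL exactly as extracted in the report above.
C2_URL = ("https://api.telegram.org/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM"
          "/sendMessage?chat_id=-4224073938")

# Telegram Bot API path layout: /bot<bot_id>:<secret>/<method>
BOT_PATH = re.compile(r"^/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]{30,})/(?P<method>\w+)$")

# Methods a stealer uses to push data out; reads such as getMe/getUpdates are not exfil.
EXFIL_METHODS = {"sendMessage", "sendDocument", "sendPhoto"}


def parse_telegram_c2(url: str) -> dict:
    """Split a Telegram Bot API URL into bot id, full token, method and chat_id.
    Raises ValueError for anything that is not a Bot API call."""
    parts = urlsplit(url)
    if parts.hostname != "api.telegram.org":
        raise ValueError("not a Telegram Bot API URL")
    m = BOT_PATH.match(parts.path)
    if not m:
        raise ValueError("unexpected Bot API path")
    chat = parse_qs(parts.query).get("chat_id", [None])[0]
    return {"bot_id": m["bot_id"], "token": f"{m['bot_id']}:{m['secret']}",
            "method": m["method"], "chat_id": chat}


# Constructed proxy log lines (key=value); only the first two reuse the extracted token.
SAMPLE_LOG = """\
2025-02-04T15:27:41Z host=WS01 proc="Pdf Reader.exe" dst=api.telegram.org url=/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM/sendMessage?chat_id=-4224073938
2025-02-04T15:28:02Z host=WS01 proc="Pdf Reader.exe" dst=api.telegram.org url=/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM/sendDocument
2025-02-04T15:30:10Z host=WS02 proc="python.exe" dst=api.telegram.org url=/bot1234567890:AAEexampleexampleexampleexampleex/sendMessage?chat_id=42
2025-02-04T15:31:55Z host=WS03 proc="msedge.exe" dst=web.telegram.org url=/k/
2025-02-04T15:32:20Z host=WS02 proc="python.exe" dst=api.telegram.org url=/bot1234567890:AAEexampleexampleexampleexampleex/getMe
"""

LOG_RE = re.compile(r'proc="(?P<proc>[^"]+)" dst=(?P<dst>\S+) url=(?P<url>\S+)')


def hunt(log_text: str, c2_url: str, allowed_procs: frozenset = frozenset()) -> list:
    """Return (severity, proc, bot_id, method) for each Bot API exfil call.
    'known_c2'    -> the token from the extracted config was reused.
    'unknown_bot' -> some other bot pushing data from a process outside allowed_procs."""
    known = parse_telegram_c2(c2_url)
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.search(line)
        if not m or m["dst"] != "api.telegram.org":
            continue
        try:
            f = parse_telegram_c2("https://api.telegram.org" + m["url"])
        except ValueError:
            continue  # not shaped like a Bot API call
        if f["token"] == known["token"]:
            hits.append(("known_c2", m["proc"], f["bot_id"], f["method"]))
        elif f["method"] in EXFIL_METHODS and m["proc"] not in allowed_procs:
            hits.append(("unknown_bot", m["proc"], f["bot_id"], f["method"]))
    return hits


if __name__ == "__main__":
    print(parse_telegram_c2(C2_URL))
    for hit in hunt(SAMPLE_LOG, C2_URL):
        print(hit)
```

The full token is the tightest indicator and should be handled as a credential in any IOC feed; the numeric bot id on its own is the part that stays stable if the operator rotates the token, and the negative chat_id identifies the group the data lands in. Blocking api.telegram.org outright is only workable where nothing legitimate uses the Bot API, which is why the hunt keys on the method and the requesting process rather than the host.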

Targets

    • Target

      Pdf Reader.exe

    • Size

      73KB

    • MD5

      9d347d5ac998a89f78ba00e74b951f55

    • SHA1

      73df3d5c8388a4d6693cbb24f719dba8833c9157

    • SHA256

      2ea5686422bd8fb6eda542e9a96588f9deb1c97c45f3cb7d3b21ac4da540b57c

    • SHA512

      3db7421aa98e8e108bf982048dda7e0f09428c6498cf5f9f56ef499fb2fafc5deabde8ecb99e1fdd570d54ae9c0533b7502de5848c9e772708cf75509d0c9d9e

    • SSDEEP

      384:ytBuEejMVr2gy0mK1SvySYS4SRmbESgSNSsiKjHxqD4fpBSIxoI2AAgz:y+EjXQL6SYS4SRmbESgSNSsiQJxBSQH

    • Stealerium

      An open-source info stealer written in C#, first seen in May 2022.

    • Stealerium family

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks