General

  • Target

    Wallet-PrivateKey.Pdf (1).exe

  • Size

    107KB

  • Sample

    250204-tqv2gatkbk

  • MD5

    036ba72c9c4cf36bda1dc440d537af3c

  • SHA1

    3c10ef9932ffc206a586fe5768879bf078e9ebeb

  • SHA256

    bb41ae95f911a55ab1101ca7854918ec0f23548376d4846a2176b9c289102114

  • SHA512

    c7e8c37787b759bca7fb6d02692c0263d6c60f606ee52e890f3c177dabd00ac6305cd43056164f6e16fbc18046a8c4226172f295ebc85e310ea7e52878d5137d

  • SSDEEP

    3072:2WChbWsb6GMVumsolXIrRuw+mqv9j1MWLQQ:1DVuDAX

Malware Config

Extracted

Family

stealerium

C2

https://api.telegram.org/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM/sendMessage?chat_id=-4224073938

Targets

    • Stealerium

      An open-source info stealer written in C#, first seen in May 2022.

    • Stealerium family

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks