stealerium | 0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

0461541aba...31.exe

windows7-x64

0461541aba...31.exe

windows10-2004-x64

Sharing

General

Target

0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231
Size

3.8MB
Sample

250214-xxd83sxjhj
MD5

e91657014183219fd6d6535baae97b7c
SHA1

c7b3cf4cd1f6f52ac52b427ad25509dc6c990289
SHA256

0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231
SHA512

69cb9171402023578727a4f7183c24ac63896409a9fefcaad432bde41060bd4c99345865b5b88705297fa91c777f6f3e094d6b522863e628a9ef815730f9c36a
SSDEEP

98304:FkqXf0FlL9nrYAWAZi6sfLxkuahjCOeX9YG9see5GnRyCAm0makxH13:FkSIlLtzWAXAkuujCPX9YG9he5GnQCAo

Score

10^/10

stealerium discovery stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231.exe

Resource

win7-20240903-en

stealerium stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231.exe

Resource

win10v2004-20250207-en

stealerium discovery stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

stealerium

C2

https://api.telegram.org/bot6926474815:AAFx9tLAnf5OAVQZp2teS3G2_6T1wCP67xM/sendMessage?chat_id=-4224073938

Targets

- Target
  
  0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231
- Size
  
  3.8MB
- MD5
  
  e91657014183219fd6d6535baae97b7c
- SHA1
  
  c7b3cf4cd1f6f52ac52b427ad25509dc6c990289
- SHA256
  
  0461541abae499104970d012841db7bb7bb02ea1d40d5c295a061b38e6fb7231
- SHA512
  
  69cb9171402023578727a4f7183c24ac63896409a9fefcaad432bde41060bd4c99345865b5b88705297fa91c777f6f3e094d6b522863e628a9ef815730f9c36a
- SSDEEP
  
  98304:FkqXf0FlL9nrYAWAZi6sfLxkuahjCOeX9YG9see5GnRyCAm0makxH13:FkSIlLtzWAXAkuujCPX9YG9he5GnQCAo
Score

10^/10

stealerium stealer discovery
- Stealerium
  An open source info stealer written in C# first seen in May 2022.
  stealer stealerium
- Stealerium family
  stealerium
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

stealeriumstealer

behavioral2

stealeriumdiscoverystealer

© 2018-2025

Terms | Privacy