arkei | dac651edd381388ce17e6c5a7c5f41c66a42530e6ce82e58745adbd3c2570b14

Sharing

Copy URL

Twitter E-mail

General

Target

Mars Stealer Builder.7z
Size

2.8MB
Sample

250218-wgg5csvmgn
MD5

9adaa92c49ce7b760fe9804148502b1d
SHA1

9c7ff83f124817589dc9e45f9e55c6fbfb6e1166
SHA256

dac651edd381388ce17e6c5a7c5f41c66a42530e6ce82e58745adbd3c2570b14
SHA512

00151d77df0cee260dadb95dd53e08ca0e7aef9e6f6668ddc439f5a138f263a957aed80431407448442eacf9b9cb4f02b98c9c4a4420e012496b2023861adc1f
SSDEEP

49152:7ZgKH7FFOKPETXqzZIwhMMJeBsWG9gnxFYMtZaw+mYokRTcUe6mH:7ZfH7nEUGke+WGynTX+73RAUeF

Score

10^/10

Malware Config

Targets

- Target
  
  Win32.MarsStealer/Mars-Stealer-main/MarsStealer_Menu.exe
- Size
  
  3KB
- MD5
  
  8abb41f6e7010d70c90f65fd9a740faa
- SHA1
  
  dd71a776e790e437eb8da082c663eb824db34651
- SHA256
  
  e506ea953b9f457490a0db0cccf16a6b9c1f159da5769853a6eb20e2d3d542d7
- SHA512
  
  c62977defea808e10bd7923acbf595e14526f09ffbacc20c9042f11a0762acea25c19e32f4d10d6e0124c59d67b4ff274f9310fbf4669d30ef2a90707557659e
Score

3^/10

discovery
behavioral1
- Target
  
  Win32.MarsStealer/Mars-Stealer-main/Mars_Stealer_cracked_by_LLCPPC.exe
- Size
  
  93KB
- MD5
  
  4d7949f6f4aa10120eae24df5323ec94
- SHA1
  
  9fd5489c207ffd9698348e73200ad87bcd99475f
- SHA256
  
  9ee5f68ca23f797de0d152e7b782832414f43ce8ea9e1578c870680aeac8930d
- SHA512
  
  afabfcc3c8ee774b1d35078d2ef1b7624232be9af068fe3ae5ad7036769eacbab4aeb32f0a54393a0842f190f5e5187fe5d68f9aefb4e6ff94ed98129b2eff29
- SSDEEP
  
  1536:gWTHVn5wa8TXvqHp6kzWgDaO3C54Gf3lagvHkMTafiyVDr1lVUn3jy0:gWTHVn8TXvc4O3CFvlaSED1PCj/
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral2
- Target
  
  mars/panel/assets/css/jquery-ui.min.html
- Size
  
  279B
- MD5
  
  3d94c5db6219640112a01c9f126e894f
- SHA1
  
  042b019ca257c1c8f979ee8c2e13105ee2d92327
- SHA256
  
  d36921d85f158a051daed4dd44ca81fc98a4b707c71f0b587a3e8df8d683f5a2
- SHA512
  
  74da9160f3a50e944a922a209dda4d0a2c4b088b646e57fdf7d2e707d70594d280c89855acadd09ed4e0a1b37fe9b7d758ef7e00b3fc5290386ec1163a853f83
Score

3^/10

discovery
behavioral3
- Target
  
  mars/panel/assets/js/FileSaver.min.js
- Size
  
  2KB
- MD5
  
  bd9105ba51dccb7403a47ccaa3a5ce2e
- SHA1
  
  04443006951f3e8eea14e819d89ba418cb68cf25
- SHA256
  
  1433b8feb185bd8e81db7d2d1ea7330140531b72158300f8e26c98df1e853b21
- SHA512
  
  7b7e6d1e18ba68f2192f8d34dd79ef0b2d1f04c2aab88d94dcac055b3168985ee9af27a50aafca000804ad922fee89b8b4f3be6ac10bf0a2ef05e6f3250cd22b
Score

3^/10

execution
behavioral4
- Target
  
  mars/panel/assets/js/apexcharts.min.js
- Size
  
  870KB
- MD5
  
  ae50ed75dbd16a56ab772663cd3bcf9c
- SHA1
  
  b84fd35fd6760a8e51cb99bc3bcf8533454554e7
- SHA256
  
  95483691e4771b81a36c0d4dca22a429041b96f099c88cf20619d32cf0b50c3f
- SHA512
  
  f9dbc71e13977ca5e459219f52ae56e5b980fc8670f85b6693e45feae812a30b7db3f786cb157425bce5cf7c856566775c236664386b772a232382d881bd1d64
- SSDEEP
  
  24576:MZWc42Ub/tahrBul5JsdKCNV7yNyoFQeUle+3qn9nZw0dpqEY3PoSTHS08txsjp9:MZWc42Ub/tahrBuZsdKCNV7yNyoFQeU/
Score

3^/10

execution
behavioral5
- Target
  
  mars/panel/assets/js/app.js
- Size
  
  2KB
- MD5
  
  a0f20cfc74ac290b19472ffbd89d2816
- SHA1
  
  eb4f26f791b8141202f3450d417133678397e14e
- SHA256
  
  87a94d989ff85416d29bdce6493accb7b5818bb2737523b8501b5f53dcd81bfb
- SHA512
  
  6aa9d65489b95bb81eb246bfde5431a2abe5367b01ffee988442466e0ee070d162d3b127e0dfca0345ca0a64ec1faca72cdc21360b13cfca35f154c123eb5e95
Score

3^/10

execution
behavioral6
- Target
  
  mars/panel/assets/js/bootstrap-colorpicker.min.js
- Size
  
  68KB
- MD5
  
  b25de4112f4968819261bb54eac4879e
- SHA1
  
  bc598ae13d0d9fc50616e57ef3c5b02d1b8fd6e2
- SHA256
  
  73e189f601862b2a7b51661f00160cefedb0909b53ce7f53c322aa35e2dc2db4
- SHA512
  
  7c73145599273492be3d5b86144a17a2fbcdc1960910e201fa8ec4a42236df78dc6178db0ccbe2aa6052f110ed972467d823ecf4a8a9e074299f5d22314fac41
- SSDEEP
  
  768:G9BusJ7Dd4ay5XFDn6aYc++xd+UKKKLJ0aINGXQuIHMvRMbxVaI2aIOxrVGP9KAB:FCcB1VA/AmLLThwcsby0ymFhe
Score

3^/10

execution
behavioral7
- Target
  
  mars/panel/assets/js/bootstrap-material-datetimepicker.js
- Size
  
  55KB
- MD5
  
  babce5d12c88abe51fad2059c0b764cb
- SHA1
  
  4269e07edc50fd29ea86c7af60fe9473d7c89bc6
- SHA256
  
  d17c4df70e8b78a0511817ddb8c0cc094d26d22a39e92f73588cecbcf46650e0
- SHA512
  
  bf8bf3e1647dc9a614a612bebb11d24d308815054f6e6a060191528462247d62d84ffbac5750f7b882f919a722bb870c10b46ff73b72471453e4c8b449a6127e
- SSDEEP
  
  768:hK3+dzkM+XrNzPcO5sF4rVrvbdQRzkfFRRnau7q5:hzkM+XBzP7rVrvb+RQ9aUq5
Score

3^/10

execution
behavioral8
- Target
  
  mars/panel/assets/js/bootstrap-maxlength.min.js
- Size
  
  8KB
- MD5
  
  659895aeed65ac49f0c8a85d68199341
- SHA1
  
  d44b2445c9fe746383ba622faaf7f8d921fd1145
- SHA256
  
  f2c6443899dc1b70aa8b4673746181df961fc0f4b996878132beec12d68ee28e
- SHA512
  
  2b92ae351f708dac3707a1e29e191e0885959fced1d305d82e8a18d2524cbc457ea6d78e5448d5ce4cdd9ce15b81d252c06806f3674aec55c453aa5b7096c8ff
- SSDEEP
  
  96:8v99SEaiZNwJ08UXs4cqAaAcPsdGZp+yhCiQdr0pvMuu3tDRYWQe78GXRqi:8v9QEaiZeJ08jaPIxndr0tMOWF7b
Score

3^/10

execution
behavioral9
- Target
  
  mars/panel/assets/js/bootstrap.bundle.min.js
- Size
  
  82KB
- MD5
  
  7f389f5d2622ce2090eca7c36bcb90bc
- SHA1
  
  ab27031159724e2421f6ff5c70f48e657abe9d39
- SHA256
  
  8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
- SHA512
  
  89c7978e36e6076af0a17f7729ae870073fe07be88635cf4a3787e3753de0ed452b3279eb54dffd10289a86c8f25c5fadf3cac35e860805c0c0bf6e2eddbcc8a
- SSDEEP
  
  768:du/iPy7+zZHVPVBNpwV7BTUB6/YLF/fB+4ed4MMAja+t+QnXLb1+uaR+orWieOJ6:deiayUYLZ83dPD3GAP6f2jX+i/Q2
Score

3^/10

execution
behavioral10
- Target
  
  mars/panel/assets/js/daterangepicker.js
- Size
  
  64KB
- MD5
  
  798fb43e4501467182c7b9740fe8b166
- SHA1
  
  b0940da2845c39a5b4a0055f7f027d8c0d86ab8d
- SHA256
  
  2f9a35f4c8b179f315101de5308ff73eae80bc25577f01002fb3ad1addaec68c
- SHA512
  
  4589b20c9ea19ea8a496fd33602b8d46359bdc3c6ee9f944a9c059fc7c48fb0ad059a78a4acc682d18b98d93888d8c683800c7800e2f6958553f5d21234b9862
- SSDEEP
  
  768:tQORDuOS/+hm9C2MtmNfPnGnLofiJjKSlrXR3EHm3S5fAz7337xK9XJfgxOzLeHF:SOR2rK4SDS5fAz7H7xN
Score

3^/10

execution
behavioral11
- Target
  
  mars/panel/assets/js/feather.min.js
- Size
  
  71KB
- MD5
  
  ebb5ac3f4f7ad6a7453f1cb7a2214f31
- SHA1
  
  29c0698f8b607c94c4e002e92a8c25ac70b2d2c3
- SHA256
  
  36f832aa433d56ed432c7933c53c5743164d743ca6525c215dc48912a51f3e25
- SHA512
  
  69fe14af4802820eda74a559f0474848bf5b8c80366a7f61137919f0a7b7d7497302df381165a155e56e1e132a85ad5dae4164754b50a6def08b24e87c7e388d
- SSDEEP
  
  768:xBscXtXq52eOoY0tTfntlvNsojRu9J0zNIHqLExvi/9TkJ0HqvzpO5tGwNZpJzRV:xB9Kfn4tyZpJn
Score

3^/10

execution
behavioral12
- Target
  
  mars/panel/assets/js/jquery.analytics_dashboard.init.js
- Size
  
  5KB
- MD5
  
  3bef25d60ca638133511d1f7ff782229
- SHA1
  
  2f13491f85f7667e828f44b06a8b770893ac2f8f
- SHA256
  
  f7fdb2e402a94ccecd3be96a86699f72bb07c901a2758e2ddc1a2434b9ca9156
- SHA512
  
  6ebf28919e36fb78f7b150972972dc5dd7a2fc98c3ad19d877c033b49b382b0050fac5088553924103392f50892cb8fb59d7defa83c0f0bd7d664d4dc0bd750c
- SSDEEP
  
  96:+B3JDfi3IXywmJNv/0lIxEWpJdgoAdIsUSbXyHJdrHKcz/cc:+vB120lxwgoFsF4rB
Score

3^/10

execution
behavioral13
- Target
  
  mars/panel/assets/js/jquery.bootstrap-touchspin.min.js
- Size
  
  10KB
- MD5
  
  d6cdeac04d6d365ce35c3714b7525770
- SHA1
  
  04e8ca1edcc25b2ed97cee37fe88f337d4d7b9cc
- SHA256
  
  2c4c4a758a9b011e828a568c20fc7caf67b988c251fb23b73a67aceb9b4b41c6
- SHA512
  
  52110868588e44d517c13e5b5291bdabf23f1573865b1bf9ef0b71b9d1eb7d8648be7c3787d8468ee6a494e125d544229c6969abefad0a3cfd404e6cc5be6f9a
- SSDEEP
  
  192:3ruavRiRQS5jzjGnjAWiHiQYM8JQ1e/9zYh3vlYxnUwXYDYL7U:3rVRiRB57OjA3iQYM8JQ1e1zYZlYxnbU
Score

3^/10

execution
behavioral14
- Target
  
  mars/panel/assets/js/jquery.core.js
- Size
  
  1KB
- MD5
  
  7cbd09725bccd54580d41ba2d711cf51
- SHA1
  
  6d040ca7af2c37190fa029b05c8aa74ea1f4f3ed
- SHA256
  
  3c06c47a14ee5dc3b196d537565e8578f7b6830eb61d4216765dac1fbf72601e
- SHA512
  
  e0996487aeb1a3d94900c47680b9356ffa533bb124e12c231b7dad86654e353d4bc68b94d9485deb1c4b89e7d5f0d8914cb36c5bef3ce26a4f8e021e8e3e806f
Score

3^/10

execution
behavioral15
- Target
  
  mars/panel/assets/js/jquery.forms-advanced.js
- Size
  
  4KB
- MD5
  
  1b0fb1eb915fa7da800b61e6425a4ba4
- SHA1
  
  71fba1587d9fbc8ae93a892425ed0fce101fc8a8
- SHA256
  
  b3b18a76d81681a8541e4157a143a45f2546627cd223aadecf27351b54a282bb
- SHA512
  
  b96943b9433b48825d63439d3b84092d5359f5c44c3b2b767bbf406b4a54172e8bf7c654c4f382cb640982ba0e78955497c1f31cbe0297dfd5c02b5f9ba2f4fa
Score

3^/10

execution
behavioral16
- Target
  
  mars/panel/assets/js/jquery.min.js
- Size
  
  87KB
- MD5
  
  dc5e7f18c8d36ac1d3d4753a87c98d0a
- SHA1
  
  c8e1c8b386dc5b7a9184c763c88d19a346eb3342
- SHA256
  
  f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
- SHA512
  
  6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516
- SSDEEP
  
  1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1
Score

3^/10

execution
behavioral17
- Target
  
  mars/panel/assets/js/jszip-utils.min.js
- Size
  
  1KB
- MD5
  
  3802b1da574fb51c12a40fb763bcd8e1
- SHA1
  
  fee034cc7e18be52ea8a12ffefebcb0eabca95ff
- SHA256
  
  e4686a0e93c1d5ba5196e0748664bb10990c1fe115caa50fd340af14492c4d5c
- SHA512
  
  dd66826232bf950b8bd1d54846dd6d84b5ebf3867fe18a6991aeaee34c84253d50ba5626f690b182e17aafc57ce2774fe4ad3792823d855d7ece8fdb51b80cb4
Score

3^/10

execution
behavioral18
- Target
  
  mars/panel/assets/js/jszip.min.js
- Size
  
  93KB
- MD5
  
  7e1d909c8012b7968a01a15266689984
- SHA1
  
  30a261cb636edf5cdfd494e48b54861df75440cb
- SHA256
  
  524b73f59f91762299a043c192a53d0c62a335551ef5e55294a07710c778bada
- SHA512
  
  ab1d5c3444fbd417da0b2c8a1e3ce4b7c66f342706c76627964e5e951fd08638a39b3450890a42c31805dcc0e09ae737c506ce12e48877278f7684af5f7dbe6e
- SSDEEP
  
  1536:s731WS23u/uUx3sPsGYXPEuCYAVqn99UD7BBNZ86Ltr0ugWAE6w46imI:sdGYXAVqINZ1LtrngVEB4V
Score

3^/10

execution
behavioral19
- Target
  
  mars/panel/assets/js/metismenu.min.js
- Size
  
  4KB
- MD5
  
  d4d871d690d42a0c26f2ca5a5a4f4ad9
- SHA1
  
  6cf1b2d5ce8f28a7a2a7ca0374fdedc294f70e84
- SHA256
  
  76c63eb57b94cca29ebfe2936ee2f04484e54b149e0237d731984d577d7f7474
- SHA512
  
  eb46f9b018cf9fc3f7c76b11b0b17074a8270975d7962cbd67ab0a8292f34f18fdfb91bb06ed1ca0720c4ce820299a657303e1e2e3d0e55d2c629544656e0f8e
- SSDEEP
  
  96:e+Y/haKTVVDR8V+M8W4ARBO/fZN+aThOsL:jYJacXCV+M0/uuhJL
Score

3^/10

execution
behavioral20
- Target
  
  mars/panel/assets/js/moment.js
- Size
  
  147KB
- MD5
  
  0941fc7ec3988352c959e5b3da86f666
- SHA1
  
  f5ff9e6fdcddb2951851412bc021015b6b59054c
- SHA256
  
  1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
- SHA512
  
  5afde44d2c0b90bfbf3292b794e80ab6c4e7e653b59e675eb2fee4f6459c22ed23a00268e0ac48b01e3fad03d45ffd4cfcc35e3026d16fbff64bf7f61488412d
- SSDEEP
  
  1536:4OpyD1Cb6yVBXfW1vCUUtQQTj06HPU3KQFSNF1T7cbF/nlzUIKHCIioTo3v2BcC:4OpyDJu8XUtQQSO1T7cbF/nlz3wq2BB
Score

3^/10

execution
behavioral21
- Target
  
  mars/panel/assets/js/select2.min.js
- Size
  
  65KB
- MD5
  
  26abb17f4b7260ea8c912313e2c80fef
- SHA1
  
  42fe805a338908436c5c326dbf7e9aec0c8484c7
- SHA256
  
  140d78b4123cbfeff506d707f57b49a5c35b0a898112975ac14640e813d7455c
- SHA512
  
  8e157537289a194ba12839feeac77a9cb2ca34c52c963de17fb8037f715c1b5176160d56eefe953b9225d69c42289784e3e5fefcab6eab1faffc71e9649d8d38
- SSDEEP
  
  768:V2oLNdg5pTFxxoiQduQLCyXwGBokOl/N6QTeeUBo47RTeqX5KnZprIf/ny0Rfln:jr2xOiQduE2kOZ2kqJOHrAvfl
Score

3^/10

execution
behavioral22
- Target
  
  mars/panel/assets/js/simplebar.min.js
- Size
  
  56KB
- MD5
  
  a8680d7a3ac007fb2b94a183791c435e
- SHA1
  
  a21a5ada6a6ca5bdd3f7ff75d0f68e89784058ba
- SHA256
  
  84575d0fa5cc23015b6b8213423a6fe56584e79ef0e8ed30f5145f9868c8cf89
- SHA512
  
  85112633081e0439e92da6e071a0ea2ad39234cf2eee4260cf919ef6a938f5df2b69aa3da3f199926606cf2356ff5ffa9c199437bcc93356e6dfa1553753ad0c
- SSDEEP
  
  1536:Eo1qP3bArH8Ci4oO0RFs6e8KllDr9Im0nhOQEz+2/5f+Nh8cQBibzd+QfhanKrHD:EWqPrArH5XoNs6yDvcz2/5fkh8cQBibX
Score

3^/10

execution
behavioral23
- Target
  
  mars/panel/assets/js/waves.js
- Size
  
  18KB
- MD5
  
  16995356a7ff9061d800c2e4c7407879
- SHA1
  
  caf0964cba63d3ff8f9c6cdd9dbda6ccdbc4a085
- SHA256
  
  4b11e7c433e0918139535b861674cec60f4fdee98de7eed0a1c7ce0afa5a60fa
- SHA512
  
  922dc1205e306ff9428fcdf61da25f31689dfa308dc844f7ca0521790ad85ba8bf249aa2221d1a660d672ce704548ed2e2d57157cc666e308f0a324ee49b9f31
- SSDEEP
  
  384://oZ4AOAE6A63jvij65YqI99y3+3KSQWnA3KhwV8YIs3KCce:XPRZ6pW65YqU9y3+3KSQ+A3KhwV8YIsR
Score

3^/10

execution
behavioral24
- Target
  
  mars/panel/logs.php
- Size
  
  11KB
- MD5
  
  90595236b874cf083700b6d03a37d8fe
- SHA1
  
  789a9855489e241ab6e586cbfca42bd20c8e9abd
- SHA256
  
  7a2d7f9211c5e30c90ee0aeb4d61647700ba932323b8eff40c95abd998fa2593
- SHA512
  
  81a3dd64b5895df21a91bd08ecb4b0e7643eebd6f407244b7ab36d6220f7be86bf2762a11b363348d8156de06ba76f305607de0d47bfd4f9b43d7013b59acc02
- SSDEEP
  
  192:b2Y7M8cGxBEozO8bTLMi5rQLMiLCILMiNnLMi5Ot3Rew2fyRLXqrAZ6:PBEsB93ReBfyRLXQa6
Score

3^/10

execution
behavioral25
- Target
  
  mars/public/freebl3.dll
- Size
  
  326KB
- MD5
  
  ef2834ac4ee7d6724f255beaf527e635
- SHA1
  
  5be8c1e73a21b49f353c2ecfa4108e43a883cb7b
- SHA256
  
  a770ecba3b08bbabd0a567fc978e50615f8b346709f8eb3cfacf3faab24090ba
- SHA512
  
  c6ea0e4347cbd7ef5e80ae8c0afdca20ea23ac2bdd963361dfaf562a9aed58dcbc43f89dd826692a064d76c3f4b3e92361af7b79a6d16a75d9951591ae3544d2
- SSDEEP
  
  6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
Score

3^/10

discovery
behavioral26
- Target
  
  mars/public/mozglue.dll
- Size
  
  133KB
- MD5
  
  8f73c08a9660691143661bf7332c3c27
- SHA1
  
  37fa65dd737c50fda710fdbde89e51374d0c204a
- SHA256
  
  3fe6b1c54b8cf28f571e0c5d6636b4069a8ab00b4f11dd842cfec00691d0c9cd
- SHA512
  
  0042ecf9b3571bb5eba2de893e8b2371df18f7c5a589f52ee66e4bfbaa15a5b8b7cc6a155792aaa8988528c27196896d5e82e1751c998bacea0d92395f66ad89
- SSDEEP
  
  3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
Score

3^/10

discovery
behavioral27
- Target
  
  mars/public/msvcp140.dll
- Size
  
  429KB
- MD5
  
  109f0f02fd37c84bfc7508d4227d7ed5
- SHA1
  
  ef7420141bb15ac334d3964082361a460bfdb975
- SHA256
  
  334e69ac9367f708ce601a6f490ff227d6c20636da5222f148b25831d22e13d4
- SHA512
  
  46eb62b65817365c249b48863d894b4669e20fcb3992e747cd5c9fdd57968e1b2cf7418d1c9340a89865eadda362b8db51947eb4427412eb83b35994f932fd39
- SSDEEP
  
  12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
Score

3^/10

discovery
behavioral28
- Target
  
  mars/public/nss3.dll
- Size
  
  1.2MB
- MD5
  
  bfac4e3c5908856ba17d41edcd455a51
- SHA1
  
  8eec7e888767aa9e4cca8ff246eb2aacb9170428
- SHA256
  
  e2935b5b28550d47dc971f456d6961f20d1633b4892998750140e0eaa9ae9d78
- SHA512
  
  2565bab776c4d732ffb1f9b415992a4c65b81bcd644a9a1df1333a269e322925fc1df4f76913463296efd7c88ef194c3056de2f1ca1357d7b5fe5ff0da877a66
- SSDEEP
  
  24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
Score

3^/10

discovery
behavioral29
- Target
  
  mars/public/softokn3.dll
- Size
  
  141KB
- MD5
  
  a2ee53de9167bf0d6c019303b7ca84e5
- SHA1
  
  2a3c737fa1157e8483815e98b666408a18c0db42
- SHA256
  
  43536adef2ddcc811c28d35fa6ce3031029a2424ad393989db36169ff2995083
- SHA512
  
  45b56432244f86321fa88fbcca6a0d2a2f7f4e0648c1d7d7b1866adc9daa5eddd9f6bb73662149f279c9ab60930dad1113c8337cb5e6ec9eed5048322f65f7d8
- SSDEEP
  
  3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
Score

3^/10

discovery
behavioral30
- Target
  
  mars/public/sqlite3.dll
- Size
  
  630KB
- MD5
  
  e477a96c8f2b18d6b5c27bde49c990bf
- SHA1
  
  e980c9bf41330d1e5bd04556db4646a0210f7409
- SHA256
  
  16574f51785b0e2fc29c2c61477eb47bb39f714829999511dc8952b43ab17660
- SHA512
  
  335a86268e7c0e568b1c30981ec644e6cd332e66f96d2551b58a82515316693c1859d87b4f4b7310cf1ac386cee671580fdd999c3bcb23acf2c2282c01c8798c
- SSDEEP
  
  12288:i0zrcH2F3OfwjtWvuFEmhx0Cj37670jwX+E7tFKm0qTYh:iJUOfwh8u9hx0D70NE7tFTYh
Score

3^/10

discovery
behavioral31
- Target
  
  mars/public/vcruntime140.dll
- Size
  
  81KB
- MD5
  
  7587bf9cb4147022cd5681b015183046
- SHA1
  
  f2106306a8f6f0da5afb7fc765cfa0757ad5a628
- SHA256
  
  c40bb03199a2054dabfc7a8e01d6098e91de7193619effbd0f142a7bf031c14d
- SHA512
  
  0b63e4979846ceba1b1ed8470432ea6aa18cca66b5f5322d17b14bc0dfa4b2ee09ca300a016e16a01db5123e4e022820698f46d9bad1078bd24675b4b181e91f
- SSDEEP
  
  1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32