metastealer | download[.]exe

General

Target

download.exe
Size

7.0MB
MD5

ce3eeaa98efda8fa39b754acd3cb9bf2
SHA1

8414b8cbf9f61729c26a0b603068e69f12561f57
SHA256

76b157a3679759ef469749cd16da2063c8301b2bcf359dbb343c44b565fed394
SHA512

eef9f84c24db3dea0502ba6cfed4b66a4ae0dc438242dd6d0bfdd7506ed52c35fc65331dfd2a58145f3dc8abe692db4ccc11bf72d396d97ea6717065056a3589
SSDEEP

98304:us8poMu7ZNTKP67iNfkhmltukjYRD/Wl1qSIRE9BYk4KQSug9KY7AvvEVND:u0NTw67Ikhm//jYN/W/kuKY7AHEz

Score

10^/10

metastealer

Malware Config

Extracted

Family

metastealer

C2

kagkimuoakomksww.xyz

cwikwiiisuyqymso.xyz

qgimwqowkmuicoos.xyz

kuueskmwqmwoocuq.xyz

eaeueussigokssqg.xyz

eoyqkgcyoesysssk.xyz

ocmmqamiyucswwik.xyz

eimemucysaammomg.xyz

iwomsoekyisuymws.xyz

mqykiccmwokeumes.xyz

iqqcgqqseysecuum.xyz

iqmoyikmqymsmcwm.xyz

aseuqoqgaueaymyo.xyz

wycuamkomemmigmy.xyz

ceiyeqaoscmsamim.xyz

skcqkaykccckqyam.xyz

kaycmqwocuyyuqyg.xyz

mqssyaeoeeucegqy.xyz

ywqamawcqumaqiyq.xyz

skscsegicyqikqww.xyz

Attributes

dga_seed
12914
domain_length
16
num_dga_domains
10000
port
443

Signatures

MetaStealer payload 1 IoCs

resource	yara_rule
sample	family_metastealer

Metastealer family
metastealer

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
download.exe

Files

download.exe
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 5.2MB - Virtual size: 5.2MB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 109KB - Virtual size: 272KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 218KB - Virtual size: 218KB

.text
Size: 5.2MB - Virtual size: 5.2MB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 109KB - Virtual size: 272KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 218KB - Virtual size: 218KB