svcstealer | 4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a | Triage

Submit
Reports

Overview

overview

Static

static

4db6590cb5...5a.exe

windows7-x64

4db6590cb5...5a.exe

windows10-2004-x64

Sharing

General

Target

4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a
Size

615KB
Sample

250226-2sfcsswr13
MD5

445b3781dc7d6ac6a52bec31d74bcd32
SHA1

d8574d03d025d4e888037a4d4a46547c6ba13141
SHA256

4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a
SHA512

fec72af5a3afb6784e7571e16e01ad91573a78a449d0c0faa8ffd4481174369bb0ab672bf90e2d63b37f2093cc60c909a84e700fa331479fdc075f369ba0ce9f
SSDEEP

12288:Tl+79fergMgm+w7dioulRCh3NncLkIug31fCYonRT/AO:Tlc9fergMgm+sdhuls0kIdFKlBo

Score

10^/10

svcstealer downloader persistence stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a.exe

Resource

win7-20240729-en

svcstealer downloader persistence stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a.exe

Resource

win10v2004-20250217-en

svcstealer downloader persistence stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a
- Size
  
  615KB
- MD5
  
  445b3781dc7d6ac6a52bec31d74bcd32
- SHA1
  
  d8574d03d025d4e888037a4d4a46547c6ba13141
- SHA256
  
  4db6590cb50ec1a718a17d5fea9dfeba7c8451f4558b893c518cf6672aedc45a
- SHA512
  
  fec72af5a3afb6784e7571e16e01ad91573a78a449d0c0faa8ffd4481174369bb0ab672bf90e2d63b37f2093cc60c909a84e700fa331479fdc075f369ba0ce9f
- SSDEEP
  
  12288:Tl+79fergMgm+w7dioulRCh3NncLkIug31fCYonRT/AO:Tlc9fergMgm+sdhuls0kIdFKlBo
Score

10^/10

svcstealer downloader persistence stealer
- Detects SvcStealer Payload
  SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
- SvcStealer, Diamotrix
  SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
  stealer downloader svcstealer
- Svcstealer family
  svcstealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

svcstealerdownloaderpersistencestealer

behavioral2

svcstealerdownloaderpersistencestealer

© 2018-2025

Terms | Privacy