svcstealer | f126cbaecfd33f8026cf15a223857503f147b947dccb7a5da727ea19a4a5963b | Triage

Submit
Reports

Overview

overview

Static

static

Flasher.exe

windows7-x64

Flasher.exe

windows10-2004-x64

Sharing

General

Target

Flasher.exe
Size

573KB
Sample

250228-n7mhrsywb1
MD5

eff931961e9134a9945fadd29df90ff7
SHA1

cc27b1d909b14a01a88d27545007703aa9c82d36
SHA256

f126cbaecfd33f8026cf15a223857503f147b947dccb7a5da727ea19a4a5963b
SHA512

5a5bdd3458b64ff434598dd09c98d2ef31945288560d2995ec6200ed0894a71e2522d5ffbdb23f9fcd59159bb811983b0c2862b688cff5fc7fbb50e9a113f290
SSDEEP

12288:ntuH9xWLgvHIh+bOH1JcyDXFJgazKHWs88/vNKI8e:nto9xWLgvHI+OHPcy7T7zBs88/vgZe

Score

10^/10

svcstealer downloader persistence stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

Flasher.exe

Resource

win7-20240903-en

svcstealer downloader persistence stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Flasher.exe

Resource

win10v2004-20250217-en

svcstealer downloader persistence stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  Flasher.exe
- Size
  
  573KB
- MD5
  
  eff931961e9134a9945fadd29df90ff7
- SHA1
  
  cc27b1d909b14a01a88d27545007703aa9c82d36
- SHA256
  
  f126cbaecfd33f8026cf15a223857503f147b947dccb7a5da727ea19a4a5963b
- SHA512
  
  5a5bdd3458b64ff434598dd09c98d2ef31945288560d2995ec6200ed0894a71e2522d5ffbdb23f9fcd59159bb811983b0c2862b688cff5fc7fbb50e9a113f290
- SSDEEP
  
  12288:ntuH9xWLgvHIh+bOH1JcyDXFJgazKHWs88/vNKI8e:nto9xWLgvHI+OHPcy7T7zBs88/vgZe
Score

10^/10

svcstealer downloader persistence stealer
- Detects SvcStealer Payload
  SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
- SvcStealer, Diamotrix
  SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
  stealer downloader svcstealer
- Svcstealer family
  svcstealer
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

svcstealerdownloaderpersistencestealer

behavioral2

svcstealerdownloaderpersistencestealer

© 2018-2025

Terms | Privacy