povertystealer | 892535a44436246917c024c5ee1b88329f40a349e50b62ad418a6fb4f7455c2f | Triage

Submit
Reports

Overview

overview

Static

static

1

sansayrex.exe

windows7-x64

7

sansayrex.exe

windows10-2004-x64

Sharing

General

Target

sansayrex.exe
Size

2.6MB
Sample

250302-wxfw8sz1cv
MD5

a25d399bfbb718f733d4113e44f33020
SHA1

1334d12a30e493d3a766462bccd81750b5268b9c
SHA256

892535a44436246917c024c5ee1b88329f40a349e50b62ad418a6fb4f7455c2f
SHA512

d3f19995ba0ca103b0f2973ea3b357e039c1bc66584c3028c462bfac9e443895de85fffc70ac2ada6e9fe95ecb613f0e4691f02f2d9cd237745710b5ab266cca
SSDEEP

49152:X45mFWH5uxSa7+iZhNCuyjANW8PPwcr6DNbX3NsN3RfD2VwciCkOAF:X45mUYy+6opWZXdWpu7NkOK

Score

10^/10

povertystealer discovery stealer

Static task

static1

Behavioral task

behavioral1

Sample

sansayrex.exe

Resource

win7-20241023-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

sansayrex.exe

Resource

win10v2004-20250217-en

povertystealer discovery stealer

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  sansayrex.exe
- Size
  
  2.6MB
- MD5
  
  a25d399bfbb718f733d4113e44f33020
- SHA1
  
  1334d12a30e493d3a766462bccd81750b5268b9c
- SHA256
  
  892535a44436246917c024c5ee1b88329f40a349e50b62ad418a6fb4f7455c2f
- SHA512
  
  d3f19995ba0ca103b0f2973ea3b357e039c1bc66584c3028c462bfac9e443895de85fffc70ac2ada6e9fe95ecb613f0e4691f02f2d9cd237745710b5ab266cca
- SSDEEP
  
  49152:X45mFWH5uxSa7+iZhNCuyjANW8PPwcr6DNbX3NsN3RfD2VwciCkOAF:X45mUYy+6opWZXdWpu7NkOK
Score

10^/10

discovery povertystealer stealer
- Detect Poverty Stealer Payload
- Poverty Stealer
  Poverty Stealer is a crypto and infostealer written in C++.
  stealer povertystealer
- Povertystealer family
  povertystealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

povertystealerdiscoverystealer

© 2018-2025

Terms | Privacy