General
-
Target
stand.exe
-
Size
17.8MB
-
Sample
250329-2r1x4sxls7
-
MD5
4e45d159b2f482edac2ba45713c335a2
-
SHA1
1b97c1e523ed4add9d952842a920b0c42ceacfb4
-
SHA256
05ac40c0f8950fd6800e6663062d2a27cc466c5d3e2df8f50200fc1787e516f3
-
SHA512
2a041d04cb5be086bae31a49d9eec94187fbd7459803111017421fde76f968f6369c78060ccafb22a59781f55730f446343df104fd0383ac2b336411b3554ed6
-
SSDEEP
98304:QN4aC69mw0GrEW1bSc1AzMjir7ifGB0Kn9JtxTbF:Q270mw9bScyM4WObn9J3
Malware Config
Targets
-
-
Target
stand.exe
-
Size
17.8MB
-
MD5
4e45d159b2f482edac2ba45713c335a2
-
SHA1
1b97c1e523ed4add9d952842a920b0c42ceacfb4
-
SHA256
05ac40c0f8950fd6800e6663062d2a27cc466c5d3e2df8f50200fc1787e516f3
-
SHA512
2a041d04cb5be086bae31a49d9eec94187fbd7459803111017421fde76f968f6369c78060ccafb22a59781f55730f446343df104fd0383ac2b336411b3554ed6
-
SSDEEP
98304:QN4aC69mw0GrEW1bSc1AzMjir7ifGB0Kn9JtxTbF:Q270mw9bScyM4WObn9J3
Score10/10-
Detect SalatStealer payload
-
Salatstealer family
-
salatstealer
SalatStealer is a stealer that takes sceenshot written in Golang.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Reads user/profile data of local email clients
Email clients store some user data on disk where infostealers will often target it.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-