svcstealer | c03dc0fa98369cf3ce5429f50ea3df6c9701fe0f10a92182d86c765b66a3fa4c

Analysis

max time kernel
0s
max time network
1s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
29/03/2025, 10:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2025-03-29_8a3b83fdea0984b4388d5ebeded4dc02_black-basta_cobalt-strike_rhadamanthys_satacom.exe
Size

10.8MB
MD5

8a3b83fdea0984b4388d5ebeded4dc02
SHA1

bc1884047331647e4633ec0efb7370ea82a316a4
SHA256

c03dc0fa98369cf3ce5429f50ea3df6c9701fe0f10a92182d86c765b66a3fa4c
SHA512

5d261087735a7bd0009ba61755c71469e444142a8aa23e1aa5b96768c0614e1e20e4a9c12d731fddb0c9cbca4d32704caa4d29033ccfecef611b976302aedce0
SSDEEP

196608:VvZnQHQZg0HiouWJysVYvsOaoyMxxvjDDAx0al2dxwMFnVpdVpqmG:HngCHi9WJdoyMxtDDAxBI7VhsH

Score

10^/10

svcstealer downloader stealer

Malware Config

Signatures

Detects SvcStealer Payload 1 IoCs

SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.

resource	yara_rule
behavioral1/files/0x0007000000019465-19.dat	family_svcstealer

SvcStealer, Diamotrix
SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
stealer downloader svcstealer
Svcstealer family
svcstealer

C:\Users\Admin\AppData\Local\Temp\2025-03-29_8a3b83fdea0984b4388d5ebeded4dc02_black-basta_cobalt-strike_rhadamanthys_satacom.exe
"C:\Users\Admin\AppData\Local\Temp\2025-03-29_8a3b83fdea0984b4388d5ebeded4dc02_black-basta_cobalt-strike_rhadamanthys_satacom.exe"
1⤵
PID:1956
- C:\ProgramData\fdfdfdfdfdfeee.exe
  "C:\ProgramData\fdfdfdfdfdfeee.exe"
  2⤵
  PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\ProgramData\bvbvbvbvbvbccc.exe

Filesize
256KB

MD5
19406ce30bc38b421bcdd44d5f18cd3d

SHA1
ec4bd3785de3eaa8f4442bcfb2f2c45c9d8502e5

SHA256
cb9c89fe45a6ccf9aad5dfaf7dd392e71f31cc1ff20472c4c8567919c1f99ec2

SHA512
b53562336073f66e3518981409f2e278b445b81c154d40f2b5ebbefeda8e1cacab64c52bbcfc09cbdc5f3af6335e9306e3ffa2e500bdc0d3c1aa421cae78b85e

Download Submit
C:\ProgramData\fdfdfdfdfdfeee.exe

Filesize
640KB

MD5
b426168eec66e26bc7540911f34cfa21

SHA1
0cb6c332b933b726901b05e8688e63c8bba6ad76

SHA256
5c57f49e4aa6f13fc503f0dcc72ac00d4a577d03a33b23556aea27c3bc388261

SHA512
ebc640c6f71ca844eb8969aaebd56ecfa4b7c203928535ca26053c465a88b4b5fafebb4ebc7c498f94007e15352608926102daa7d2540757c85b41601e1a3af7

Download Submit
C:\ProgramData\trtrtrtrtrtrteee.exe

Filesize
64KB

MD5
0524a00c50985adaf82da523c1e5bc78

SHA1
b3c7985ce57e655844b51be3d1f37502ef04d6ea

SHA256
da60064416fb8c9e1b5828b21522b6f7ccc9c698551ec9f34ab117df64d63f82

SHA512
ddf79a44b7012c4ea1d0cade619864c1be9fa26d270b5a26ece5d2d47ea73aceab4f7531ac90f33f61b4eb54d57f2ab1b548dc270cdb89ab3d9a2411e265671a

Download Submit
\ProgramData\fdfdfdfdfdfeee.exe

Filesize
896KB

MD5
384eafd9fc574b7fe08f16b8c8d3d91b

SHA1
3112e56140fbb6e263bd627451ba42dca54ebeab

SHA256
5993bacf6421f3fb0484a721ca08e8f4d480aff230aab0dd38c0ed364c84ba15

SHA512
7371bf5dcd2b77b372c61e5528c6e90b6610ce784ca646a697bafc9f534eabb3dd06657c7a883f6949fd71861392f9c20fa2a6d0592f40f05e3e09743e14acce

Download Submit
\ProgramData\trtrtrtrtrtrteee.exe

Filesize
96KB

MD5
7066a76e80b30fdb6adc1e5bc1c3aa2a

SHA1
b42407fbee499315ffe123ff805f390bcb11dee1

SHA256
f94c5dfc4d5a8e9e429bbf922c6ddbdec3f43c9fe440da322c2610333082be00

SHA512
497039e965e6492bd82400237a9f9615513b558dd929f89dfc69ecb77d2693b56db37cb18962fce1971493908c891b485e5f88dc94387ef46acba6480a94a5d8

Download Submit
memory/1244-31-0x0000000004FF0000-0x0000000005095000-memory.dmp

Filesize
660KB

Download
memory/1956-25-0x00000000024E0000-0x000000000257F000-memory.dmp

Filesize
636KB

Download
memory/2924-23-0x000000013FB50000-0x000000013FBEF000-memory.dmp

Filesize
636KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads