General
-
Target
2025-06-03_6f7ba73a4d40d6ba25d2efe3aed41b2c_akira_rusty-stealer
-
Size
12.3MB
-
Sample
250603-zlqtvaej3z
-
MD5
6f7ba73a4d40d6ba25d2efe3aed41b2c
-
SHA1
1cb7ca65d6a9402f9d1c7f3da280811bb81c7862
-
SHA256
ca4a420f3c9dcf112ee81603d13e4b0fcc063c002257adc5f08c2aac9dc9a3f7
-
SHA512
d888a407184c996b6b7c463a6b7cc8b1ad4cdb06d6b173892859a55db49ce4b0a59a09ced4ab55eeab341941c5a1a8ee457b0599ed77aac79047f85dc167bb1b
-
SSDEEP
196608:d+VhqcUFR0HEWQMKIoKq/aaNiLvO9qvrGCCgQKI8UeU16xaaSREspnfRbDYME/Gd:yqoEW2Cq/TiLW4T9Chs3
Static task
static1
Behavioral task
behavioral1
Sample
2025-06-03_6f7ba73a4d40d6ba25d2efe3aed41b2c_akira_rusty-stealer.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
Target
2025-06-03_6f7ba73a4d40d6ba25d2efe3aed41b2c_akira_rusty-stealer
-
Score
10/10
-
Aurotun family
-
Detects Aurotun stealer
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Checks whether UAC is enabled
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-