General
Target: IPTV Checker v0.3.exe
Size: 8.0MB
Sample: 250604-rv9pbagp7t
MD5: 79d0adbfb3700bb117d71621105b8df0
SHA1: 37238133a1408bc9f461f53bc4d2b0a95368c4fe
SHA256: cc173ea5d9d65f486c1629bb9208308420f3b813c2fcd6ac80ba3c8bc9f2eef3
SHA512: afd9f7ea2b0f99345294e5f0a5efcc5bd784bedf6c21794a96a8882dd1a40189a9c9eb5667b2023412289364efb931a7ed972e818866b8810b9ea3e0bec96d9b
SSDEEP: 196608:azSibqEKUCLnIu3B4dWvyHzQZsugt2JFRZlML:kjqNIBdmyH/ugt2tML
Behavioral task: behavioral1
Sample: IPTV Checker v0.3.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target: IPTV Checker v0.3.exe
- Detects SvcStealer Payload: SvcStealer aka Diamotrix Clipper is a stealer/downloader written in C++.
- SvcStealer, Diamotrix
- Svcstealer family
- Downloads MZ/PE file
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v16
Privilege Escalation
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
Credential Access
- Credentials from Password Stores (1)
- Credentials from Web Browsers (1)
- Unsecured Credentials (2)
- Credentials In Files (2)