vulturi | 1101bfec0f787f301b9dc14bcd3461345b7eeb03893b3cb7d058be35a5195611 | Triage

Submit
Reports

Overview

overview

Static

static

40e32c2985...3f.exe

windows7-x64

40e32c2985...3f.exe

windows10-2004-x64

Sharing

General

Target

40e32c29850d56bd7403be67debc893f
Size

291KB
Sample

240104-pwxp2afehm
MD5

40e32c29850d56bd7403be67debc893f
SHA1

4fb35c8070c60da9ca375979668a1a25f90d57f2
SHA256

1101bfec0f787f301b9dc14bcd3461345b7eeb03893b3cb7d058be35a5195611
SHA512

845829f596c776c6d10bf2dd133519302de38173150e4e5b98f4eee32c90032b5e2775dd0b1a31823aa21d2f7c4f1b2ef17e2a4d9e65dc8953dd3b5409b7f68c
SSDEEP

6144:kqQDhqYPR4+n1XmnHRd7umEKoY2axlZlkvbV1sh:kqQAYxn1XGHRd7XEKoSTEsh

Score

10^/10

vulturi stealer

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

40e32c29850d56bd7403be67debc893f.exe

Resource

win7-20231129-en

vulturi stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

40e32c29850d56bd7403be67debc893f.exe

Resource

win10v2004-20231215-en

vulturi stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

vulturi

C2

http://199.247.17.103:5050/gate

Attributes

c2_encryption_key
zagadka1337
c2_user
root

Targets

- Target
  
  40e32c29850d56bd7403be67debc893f
- Size
  
  291KB
- MD5
  
  40e32c29850d56bd7403be67debc893f
- SHA1
  
  4fb35c8070c60da9ca375979668a1a25f90d57f2
- SHA256
  
  1101bfec0f787f301b9dc14bcd3461345b7eeb03893b3cb7d058be35a5195611
- SHA512
  
  845829f596c776c6d10bf2dd133519302de38173150e4e5b98f4eee32c90032b5e2775dd0b1a31823aa21d2f7c4f1b2ef17e2a4d9e65dc8953dd3b5409b7f68c
- SSDEEP
  
  6144:kqQDhqYPR4+n1XmnHRd7umEKoY2axlZlkvbV1sh:kqQAYxn1XGHRd7XEKoSTEsh
Score

10^/10

vulturi stealer
- Vulturi
  An info stealer written in C# and first seen in January 2021.
  stealer vulturi
- Vulturi payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy