General
-
Target
build.exe
-
Size
1.6MB
-
Sample
240629-snnzpstajj
-
MD5
9bb387b9f60af09e3dfcc0c60e24c8d0
-
SHA1
93926985e5404b7cb7504706b27ea21d30fe51f8
-
SHA256
842e7116969f5c569fd85f4a6b3c6c849934a567336fa8c4b79a47780d5cb871
-
SHA512
cd2942776817183a3443bfe7ca8c63d291dee3f19b5e6e457a2729a7a76f1e21836ba51777391c9ec4aa34556cbadd796e019958c27df677ae47e885032c12e8
-
SSDEEP
49152:SLTq24GjdGSiqkqXfd+/9AqYanieKdQq:SiEjdGSiqkqXf0FLYW
Behavioral task
behavioral1
Sample
build.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1256621058077757532/9TEeZGRK0fYqfCt7Pv7Yoys6JtQn3EAKRzGBihod1V3kvUOM85HSEdoFz0zghpUfOujg
Targets
-
-
Target
build.exe
-
Size
1.6MB
-
MD5
9bb387b9f60af09e3dfcc0c60e24c8d0
-
SHA1
93926985e5404b7cb7504706b27ea21d30fe51f8
-
SHA256
842e7116969f5c569fd85f4a6b3c6c849934a567336fa8c4b79a47780d5cb871
-
SHA512
cd2942776817183a3443bfe7ca8c63d291dee3f19b5e6e457a2729a7a76f1e21836ba51777391c9ec4aa34556cbadd796e019958c27df677ae47e885032c12e8
-
SSDEEP
49152:SLTq24GjdGSiqkqXfd+/9AqYanieKdQq:SiEjdGSiqkqXf0FLYW
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-