povertystealer | 0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9 | Triage

Submit
Reports

Overview

overview

Static

static

1

winprofile

windows7-x64

3

winprofile

windows10-1703-x64

Sharing

General

Target

0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9
Size

241KB
Sample

240701-fned2szgjp
MD5

9fac1c87aac3e528203e3f76e3f9c8b1
SHA1

1253fc28bc7acb2d8ac9614d62be4bdd89d94bdb
SHA256

0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9
SHA512

f9de3dc2187f677c72850879b468f750e669964a2e2c5e6c29ab5804f55eb4fde5e6c27db8d6a8daf1b3077eebb45300ccecbc69ba15a37151b9dcd41fd47d8a
SSDEEP

3072:i8aJq1icGjdwnw4CydWqJYk+EV/GdcKrZmMMnBESzXtoLdFv9YbUgY9jPhJyefHN:vycGw/1+kLGdcKrQM6ESz9cJyGHHEO

Score

10^/10

povertystealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9.exe

Resource

win7-20240508-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral2

Sample

0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9.exe

Resource

win10-20240404-en

povertystealer spyware stealer

windows10-1703-x64

6 signatures

300 seconds

Malware Config

Targets

- Target
  
  0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9
- Size
  
  241KB
- MD5
  
  9fac1c87aac3e528203e3f76e3f9c8b1
- SHA1
  
  1253fc28bc7acb2d8ac9614d62be4bdd89d94bdb
- SHA256
  
  0c34de0c193b34f4860f183853bd4f1aa1ab3a82114f8bfa980e537ee10799e9
- SHA512
  
  f9de3dc2187f677c72850879b468f750e669964a2e2c5e6c29ab5804f55eb4fde5e6c27db8d6a8daf1b3077eebb45300ccecbc69ba15a37151b9dcd41fd47d8a
- SSDEEP
  
  3072:i8aJq1icGjdwnw4CydWqJYk+EV/GdcKrZmMMnBESzXtoLdFv9YbUgY9jPhJyefHN:vycGw/1+kLGdcKrQM6ESz9cJyGHHEO
Score

10^/10

povertystealer spyware stealer
- Detect Poverty Stealer Payload
- Poverty Stealer
  Poverty Stealer is a crypto and infostealer written in C++.
  stealer povertystealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

povertystealerspywarestealer

© 2018-2024

Terms | Privacy