povertystealer | a8de175826d6eff479d6f383514e6aac57c695831358a49b43baf2befc9d5b5f | Triage

Submit
Reports

Overview

overview

Static

static

3

544697a024...9e.exe

windows7-x64

544697a024...9e.exe

windows10-2004-x64

Sharing

General

Target

da4b6f39fc024d2383d4bfe7f67f1ee1.bin
Size

212KB
Sample

240705-d12c8s1hjr
MD5

9e3fbc7a29d17df5afcacfeaa21200eb
SHA1

e9786f55c6169774fc605abc1e4a69473e949a4b
SHA256

a8de175826d6eff479d6f383514e6aac57c695831358a49b43baf2befc9d5b5f
SHA512

ae9aa6aaa2e66f92aa8ccbc4279cf559b15c3b66b83ee56eefc6b990a15f731ac1349e0ecadb5037a9c26b2b149bdf5ee11c4ee006b1d00f387a1f7017343235
SSDEEP

3072:V60npChVzrfpwNkM5rtAc65kpj3YM7FgDZ7r1oGDWaUsSObiXKOd0MyBTioqUJmp:V5EzTpwKM5rehupjoAFI55O6R3M

Score

10^/10

povertystealer spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe

Resource

win7-20240704-en

povertystealer spyware stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe

Resource

win10v2004-20240704-en

povertystealer spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e.exe
- Size
  
  564KB
- MD5
  
  da4b6f39fc024d2383d4bfe7f67f1ee1
- SHA1
  
  7cc975d9ff785e269163897907d0b9b3cee29956
- SHA256
  
  544697a024abaea1b24eaa3d89869b2c8a4c1acf96d4e152f5632d338d054c9e
- SHA512
  
  d73cc4d911d9e61711b97cb9212d5bc93cb1b1314a39945934eb92239a31728fcca7fefbec0143bad915b0a7a6b93df11d0ab7f559737aa7ec920bd24243fffe
- SSDEEP
  
  12288:No4ykJuqlLJop9G3/AmAGWn7sfPJYQIMt8KHsTH:NoBsLaDKAmAbUJ+M2K2
Score

10^/10

povertystealer spyware stealer
- Detect Poverty Stealer Payload
- Poverty Stealer
  Poverty Stealer is a crypto and infostealer written in C++.
  stealer povertystealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

povertystealerspywarestealer

behavioral2

povertystealerspywarestealer

© 2018-2024

Terms | Privacy