Windows Analysis Report
17280510291c8c4b14cfdc13ed55b84a8f19edbb1b8c49ab6ac884e9410d7eb616a06fbee4438.dat-decoded.exe

Overview

General Information

Sample name: 17280510291c8c4b14cfdc13ed55b84a8f19edbb1b8c49ab6ac884e9410d7eb616a06fbee4438.dat-decoded.exe
Analysis ID: 1525916
MD5: 1d639e72fa395807b75244d37992e535
SHA1: d25cef942f2167a7b403a3e9a8b889dd55c68ea7
SHA256: 7472a41d7e387fb7bb36e5cb682caf2cedfbc642b10eb7e727147102ddb3e938
Tags: base64-decodedexeuser-abuse_ch
Infos:
Errors
  • No process behavior to analyse as no analysis process or sample was found
  • Corrupt sample or wrongly selected analyzer. Details: The image file %1 is valid, but is for a machine type other than the current machine.

Detection

Poverty Stealer
Score: 48
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Signatures

Yara detected Poverty Stealer

Classification

Source: classification engine Classification label: mal48.troj.winEXE@0/0@0/0

Stealing of Sensitive Information
barindex
Yara detected Poverty Stealer
Source: Yara match File source: 17280510291c8c4b14cfdc13ed55b84a8f19edbb1b8c49ab6ac884e9410d7eb616a06fbee4438.dat-decoded.exe, type: SAMPLE

Remote Access Functionality
barindex
Yara detected Poverty Stealer
Source: Yara match File source: 17280510291c8c4b14cfdc13ed55b84a8f19edbb1b8c49ab6ac884e9410d7eb616a06fbee4438.dat-decoded.exe, type: SAMPLE
windows-stand
Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1525916 Sample: 17280510291c8c4b14cfdc13ed5... Startdate: 04/10/2024 Architecture: WINDOWS Score: 48 5 Yara detected Poverty Stealer 2->5
No contacted IP infos