Collector-stealer: a Russian origin credential and information extractor
Common Information
| Type | Value |
|---|---|
| UUID | c8c47a43-b5e7-4abc-9db1-d229a45d351a |
| Fingerprint | 7d395a978fd23712681d15ee33fe72ede454f09b99d629907517e2e9f2cc1794 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Dec. 6, 2021, 11:45 a.m. |
| Added to db | April 18, 2024, 11:08 a.m. |
| Last updated | Aug. 31, 2024, 1:18 a.m. |
| Headline | Collector-stealer: a Russian origin credential and information extractor |
| Title | Collector-stealer: a Russian origin credential and information extractor |
| Detected Hints/Tags/Attributes | 121/4/47 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 247 | www.virusbulletin.com |
|
| Details | Domain | 2 | ethhomework.online |
|
| Details | Domain | 2 | hostero.eu |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | Domain | 2 | f0537213.xsph.ru |
|
| Details | Domain | 2 | fata-collector.online |
|
| Details | Domain | 2 | f0542175.xsph.ru |
|
| Details | Domain | 2 | f0538564.xsph.ru |
|
| Details | Domain | 2 | f0537214.xsph.ru |
|
| Details | Domain | 2 | f0548561.xsph.ru |
|
| Details | Domain | 2 | collector-node.us |
|
| Details | Domain | 2 | collector-gate01.us |
|
| Details | Domain | 2 | collector-steal.ga |
|
| Details | Domain | 2 | a0556434.xsph.ru |
|
| Details | File | 50 | urlmon.dll |
|
| Details | File | 146 | wininet.dll |
|
| Details | File | 83 | crypt32.dll |
|
| Details | File | 185 | shell32.dll |
|
| Details | File | 291 | user32.dll |
|
| Details | File | 748 | kernel32.dll |
|
| Details | File | 33 | gdiplus.dll |
|
| Details | File | 96 | wallet.dat |
|
| Details | File | 2 | desktop.png |
|
| Details | File | 104 | sqlite3.dll |
|
| Details | File | 45 | information.txt |
|
| Details | File | 2126 | cmd.exe |
|
| Details | md5 | 2 | a9e3f9fb9cf5ae8dcbfd139ecadb961a |
|
| Details | md5 | 2 | bd27acd9bc0ba05847dc0d8ea443e437 |
|
| Details | md5 | 2 | 253ce038dd0e2a30165f24b18aaa34d3 |
|
| Details | md5 | 2 | eb8e99e82b6ed97f89292467aa8dc866 |
|
| Details | IPv4 | 198 | 1.1.1.1 |
|
| Details | MITRE ATT&CK Techniques | 49 | T1074.001 |
|
| Details | MITRE ATT&CK Techniques | 157 | T1560 |
|
| Details | MITRE ATT&CK Techniques | 219 | T1113 |
|
| Details | MITRE ATT&CK Techniques | 585 | T1083 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1124 |
|
| Details | MITRE ATT&CK Techniques | 501 | T1012 |
|
| Details | MITRE ATT&CK Techniques | 1006 | T1082 |
|
| Details | MITRE ATT&CK Techniques | 42 | T1016.001 |
|
| Details | MITRE ATT&CK Techniques | 333 | T1059.003 |
|
| Details | MITRE ATT&CK Techniques | 172 | T1555 |
|
| Details | MITRE ATT&CK Techniques | 99 | T1539 |
|
| Details | MITRE ATT&CK Techniques | 442 | T1071.001 |
|
| Details | MITRE ATT&CK Techniques | 492 | T1105 |
|
| Details | MITRE ATT&CK Techniques | 627 | T1027 |
|
| Details | MITRE ATT&CK Techniques | 15 | T1036.001 |
|
| Details | Url | 2 | https://docs.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilew. |