MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 53e61067c0f26d6d127ceed558a5ea4f3058ea46990c7221bbf039e7cefbee9e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


EpsilonStealer


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 53e61067c0f26d6d127ceed558a5ea4f3058ea46990c7221bbf039e7cefbee9e
SHA3-384 hash: 37abe4dd70103948f27dab903d9a2aafbce7498bc7ffa99a2554579c5c68c473ee7ae76eb632c742113b4aa658016f70
SHA1 hash: d436df52b47fc2181bdce97c73c1452761c14375
MD5 hash: 3feb95b3d2801fb6e8b0aa554983990c
humanhash: virginia-august-alanine-spaghetti
File name:PlanetsTherapy.rar
Download: download sample
Signature EpsilonStealer
Create hunting rule
File size:74'910'584 bytes
First seen:2024-01-13 22:02:35 UTC
Last seen:Never
File type: rar
MIME type:application/x-rar
Note:This file is a password protected archive. The password is: beta
ssdeep 1572864:DxDNYgmsY++JEXG5lAv+PQUnxUXTdVB15PjMPnK8gGnShqvo9:tGeY++ut+P/nxKdVtPj8K8tSWo9
TLSH T1CFF733FFE7A0E710248E56A7E114421D401C0FCC9397B79FC04BB23926BB6E995FA562
TrID 61.5% (.RAR) RAR compressed archive (v5.0) (8000/1)
38.4% (.RAR) RAR compressed archive (gen) (5000/1)
Reporter beansoup
Tags:discord EpsilonStealer PlanetsTherapy pw-beta rar

Intelligence

File Origin
# of uploads :
1
# of downloads :
156
Origin country :
NL NL
File Archive Information

This file archive contains 1 file(s), sorted by their relevance:

File name:PlanetsTherapy.exe
File size:74'793'161 bytes
SHA256 hash: 1f75823631e70c74d3c906e6e51bd24d6e109729a8dc703aa712e8174e208330
MD5 hash: fd4dbfa9eedeb18ec739a5f20efdcbd0
MIME type:application/x-dosexec
Signature EpsilonStealer
Vendor Threat Intelligence
Gathering data
Verdict:
Unknown
Link:
https://www.hybrid-analysis.com/sample/53e61067c0f26d6d127ceed558a5ea4f3058ea46990c7221bbf039e7cefbee9e
Result
Verdict:
MALICIOUS
Gathering data
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=kptbaz6a6jww2et453kvrjpkj4yfr2sgteghein36a46ptx352pa._file
Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

EpsilonStealer

rar 53e61067c0f26d6d127ceed558a5ea4f3058ea46990c7221bbf039e7cefbee9e

(this sample)

EpsilonStealer

Executable exe 1f75823631e70c74d3c906e6e51bd24d6e109729a8dc703aa712e8174e208330

  
Link
https://cdn.discordapp.com/attachments/1195683358328500324/1195831830071492699/PlanetsTherapy.rar?ex=65b56c2d&is=65a2f72d&hm=d6a8e16a651fa91637573161b20a6987f499456d1d95380d6eb9487553ae5467&
  
Link
https://planets-therapy.com/
  
Dropping
SHA256 1f75823631e70c74d3c906e6e51bd24d6e109729a8dc703aa712e8174e208330
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/2748671/
  
URLhaus
https://urlhaus.abuse.ch/url/2748672/

Comments