Overview

overview

10

Static

static

3d651f6264...2c.exe

windows7_x64

10

3d651f6264...2c.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    136s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220310-en
  • submitted
    14-04-2022 13:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3d651f6264da7ba84b71f9495f815b26254a4d3085760c5d97b40d40a998d02c.exe

  • Size

    1.1MB

  • MD5

    0926c811a25166772fe8e5b851111ac0

  • SHA1

    3dd43c9f30d385c375303cba97bca5ee5f136a2a

  • SHA256

    3d651f6264da7ba84b71f9495f815b26254a4d3085760c5d97b40d40a998d02c

  • SHA512

    6092b0b0b15409b09f9b4ee29ee7efbf2021a08895247232112b5aff87568ed493472939939673c2d23dde535febd5758ff55bd58fc740c0176a20094cddd5fd

Score
10/10
metastealerstealer

Malware Config

Signatures

  • Meta Stealer Stealer

    Meta Stealer steals passwords stored in browsers, written in C++.

    stealermetastealer
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d651f6264da7ba84b71f9495f815b26254a4d3085760c5d97b40d40a998d02c.exe
    "C:\Users\Admin\AppData\Local\Temp\3d651f6264da7ba84b71f9495f815b26254a4d3085760c5d97b40d40a998d02c.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:1296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1296-134-0x0000000000470000-0x0000000000594000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1296-135-0x0000000004F70000-0x000000000500C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/1296-136-0x0000000007F80000-0x0000000008524000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1296-137-0x0000000007AD0000-0x0000000007B62000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1296-138-0x0000000007B70000-0x0000000007BD6000-memory.dmp

    Filesize

    408KB

    Download

  • memory/1296-139-0x0000000008F30000-0x00000000090F2000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/1296-140-0x0000000009630000-0x0000000009B5C000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/1296-141-0x0000000008E70000-0x0000000008E92000-memory.dmp

    Filesize

    136KB

    Download