Overview

overview

10

Static

static

3

crack jordanX.exe

windows7-x64

10

crack jordanX.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    152s
  • max time network
    166s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2023 07:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    crack jordanX.exe

  • Size

    5.9MB

  • MD5

    f6019eccee4932eff045d4f00c9ac13a

  • SHA1

    71f5601a7191b72d68189493896075189fe1efbe

  • SHA256

    51350034de2aa39cc25c628a5d94736585624e0abe2d4896a521f0f137e8bce3

  • SHA512

    a524a3e1457064427dfc3af243a6be8f8a7d98cc77531b4aafcaff2626dd6c565d1d42a9f8de445bb9ed4c8e60dff45cfd22e878740ba2b6b775636acc6cb7ae

  • SSDEEP

    98304:E3r3P5N5KAGIZ3bFO3f5XtvPoRJRGoXgX9tttcGighIL7JxKDiRIU53zvqWlrL7v:E78O83f5Xt3oRJRGpUGigeKiIU5bxd5t

Score
10/10
elysiumstealerstealer

Malware Config

Signatures

  • ElysiumStealer

    ElysiumStealer (previously known as ZeromaxStealer) is an info stealer that can steal login credentials for various accounts.

    stealerelysiumstealer
  • ElysiumStealer Support DLL 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\crack jordanX.exe
    "C:\Users\Admin\AppData\Local\Temp\crack jordanX.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:3820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\Logs\Runtime.MSIL.1.0.0.0\cc.dll
    Filesize

    40KB

    MD5

    94173de2e35aa8d621fc1c4f54b2a082

    SHA1

    fbb2266ee47f88462560f0370edb329554cd5869

    SHA256

    7e2c70b7732fb1a9a61d7ce3d7290bc7b31ea28cbfb1dbc79d377835615b941f

    SHA512

    cadbf4db0417283a02febbabd337bf17b254a6eb6e771f8a553a140dd2b04efd0672b1f3175c044a3edd0a911ce59d6695f765555262560925f3159bb8f3b798

    Download Submit

  • memory/3820-17-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-30-0x000000000A1B0000-0x000000000A2B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/3820-16-0x0000000006D90000-0x0000000006E2C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/3820-1-0x0000000000070000-0x0000000000656000-memory.dmp

    Filesize

    5.9MB

    Download

  • memory/3820-8-0x0000000005860000-0x0000000005E04000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/3820-9-0x00000000052B0000-0x0000000005342000-memory.dmp

    Filesize

    584KB

    Download

  • memory/3820-10-0x00000000051B0000-0x00000000051C2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/3820-11-0x0000000005200000-0x000000000520A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/3820-12-0x0000000005440000-0x00000000055B6000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/3820-13-0x0000000005620000-0x0000000005652000-memory.dmp

    Filesize

    200KB

    Download

  • memory/3820-14-0x0000000074DF0000-0x00000000755A0000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/3820-15-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-3-0x0000000004F80000-0x0000000004F8C000-memory.dmp

    Filesize

    48KB

    Download

  • memory/3820-2-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-25-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-19-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-20-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-21-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-22-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-23-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-24-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-18-0x0000000006A00000-0x0000000006A3C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/3820-26-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-27-0x000000000A1B0000-0x000000000A2B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/3820-28-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-29-0x0000000005180000-0x0000000005190000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3820-0-0x0000000074DF0000-0x00000000755A0000-memory.dmp

    Filesize

    7.7MB

    Download