Overview

overview

10

Static

static

10

Samples 6/...ca.exe

windows7-x64

7

Samples 6/...ca.exe

windows10-2004-x64

7

Samples 6/...4e.exe

windows7-x64

10

Samples 6/...4e.exe

windows10-2004-x64

10

Samples 6/...31.exe

windows7-x64

10

Samples 6/...31.exe

windows10-2004-x64

10

Samples 6/...4b.exe

windows7-x64

7

Samples 6/...4b.exe

windows10-2004-x64

7

Samples 6/...1a.exe

windows7-x64

10

Samples 6/...1a.exe

windows10-2004-x64

10

Samples 6/...18.exe

windows7-x64

1

Samples 6/...18.exe

windows10-2004-x64

1

Samples 7/...22.exe

windows7-x64

3

Samples 7/...22.exe

windows10-2004-x64

3

Samples 7/...41.exe

windows7-x64

10

Samples 7/...41.exe

windows10-2004-x64

10

Samples 7/...62.exe

windows7-x64

10

Samples 7/...62.exe

windows10-2004-x64

10

Samples 7/...c5.exe

windows7-x64

10

Samples 7/...c5.exe

windows10-2004-x64

10

Samples 7/...a6.exe

windows7-x64

10

Samples 7/...a6.exe

windows10-2004-x64

10

Samples 7/...64.exe

windows7-x64

10

Samples 7/...64.exe

windows10-2004-x64

10

Samples 7/...a5.exe

windows7-x64

10

Samples 7/...a5.exe

windows10-2004-x64

10

Samples 7/...0d.exe

windows7-x64

10

Samples 7/...0d.exe

windows10-2004-x64

10

Samples 7/...de.exe

windows7-x64

7

Samples 7/...de.exe

windows10-2004-x64

7

Samples 7/...de.exe

windows7-x64

10

Samples 7/...de.exe

windows10-2004-x64

10

Resubmissions

07-01-2024 18:26

240107-w3ameabffn 10

Analysis

  • max time kernel
    113s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-01-2024 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Samples 7/da52dc0f002d544115f1d64dbc1d7ec9569be150d59cfe0bfd3f6bb5aed54dc5.exe

  • Size

    254KB

  • MD5

    cf5cb731825863750c4b86a3df164db7

  • SHA1

    044889a9bb37f16cc09c6217006e74c1b6aba492

  • SHA256

    da52dc0f002d544115f1d64dbc1d7ec9569be150d59cfe0bfd3f6bb5aed54dc5

  • SHA512

    d8345f6cf580d1d29998e2b54facb82807e07a0a03539475e4bf7b8d21e91d60117057a28220d0f033f8c2c9ce36b3143ae511d639a7f446064c0cf32e9f6163

  • SSDEEP

    3072:NFRbzeTt7LnZ+TCUOM6qvzPOGQbFvSlnjWQYtJ4oEKq5X//lV17:XRbzep7LnoT/OxyTPIvSpS7tJC/vp

Score
10/10
stealcstealer

Malware Config

Extracted

Family

stealc

C2

http://jaimemcgee.top

Attributes
  • url_path

    /40d570f44e84a454.php

rc4.plain

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Samples 7\da52dc0f002d544115f1d64dbc1d7ec9569be150d59cfe0bfd3f6bb5aed54dc5.exe
    "C:\Users\Admin\AppData\Local\Temp\Samples 7\da52dc0f002d544115f1d64dbc1d7ec9569be150d59cfe0bfd3f6bb5aed54dc5.exe"
    1⤵
      PID:2448
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2448 -s 388
        2⤵
        • Program crash
        PID:4516
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 472 -p 2448 -ip 2448
      1⤵
        PID:2032

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2448-1-0x0000000000820000-0x0000000000920000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/2448-2-0x00000000007D0000-0x00000000007EB000-memory.dmp

        Filesize

        108KB

        Download

      • memory/2448-3-0x0000000000400000-0x000000000062D000-memory.dmp

        Filesize

        2.2MB

        Download

      • memory/2448-4-0x0000000000400000-0x000000000062D000-memory.dmp

        Filesize

        2.2MB

        Download