Overview

overview

10

Static

static

3

797a233c96...f3.exe

windows7-x64

10

797a233c96...f3.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    135s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/04/2024, 09:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    797a233c96daa9c86d9035ec023258f3.exe

  • Size

    306KB

  • MD5

    797a233c96daa9c86d9035ec023258f3

  • SHA1

    dc7004f0a25abbb8d3e1cb32ca4e4cc743655c7d

  • SHA256

    1fc72c18b636e240637025cb7bf63a10c06d748f0638d17b3746d6ec3ffeac23

  • SHA512

    183548e20224f320c6742d40d26cff80a48ac237624d54b8de474aaf98fcb66b60c8d2c78b06c74fd5264306dd7203a0e433d1680dbbc13bedd0fce17567bc37

  • SSDEEP

    3072:MmhodyTiEb28g2o3pTg/P9LQK5+XPbbKw1XXN8HSKCmnTTpv07A+3ov96RWUrqbI:eydi82g3RQK56ThXN8TO41+wFEIaB

Score
10/10
stealcstealer

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\797a233c96daa9c86d9035ec023258f3.exe
    "C:\Users\Admin\AppData\Local\Temp\797a233c96daa9c86d9035ec023258f3.exe"
    1⤵
      PID:5116
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 5116 -s 1300
        2⤵
        • Program crash
        PID:4072
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 5116 -ip 5116
      1⤵
        PID:3528

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/5116-1-0x0000000002DB0000-0x0000000002EB0000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/5116-2-0x0000000004A70000-0x0000000004A97000-memory.dmp

        Filesize

        156KB

        Download

      • memory/5116-3-0x0000000000400000-0x0000000002D2A000-memory.dmp

        Filesize

        41.2MB

        Download

      • memory/5116-4-0x0000000000400000-0x0000000002D2A000-memory.dmp

        Filesize

        41.2MB

        Download