Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    18/04/2024, 04:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    df5177dcc97bbf4d0a901a6c0c9f0b5df58fbeaacc7006b7a057c26c51c4bf7e.exe

  • Size

    270KB

  • MD5

    d208470f146fda443f2e54285eb97364

  • SHA1

    c44e41b8c6150acf3d2123f6d74eb476d33c8515

  • SHA256

    df5177dcc97bbf4d0a901a6c0c9f0b5df58fbeaacc7006b7a057c26c51c4bf7e

  • SHA512

    4b05f0ad148af6cbd934c492706bc3b51e848ceb232d6b6fc9ece78f3a114671624c6b88dde77b21dd0c4093004b4b4fbd093cb590ff3f244913733b06e527e3

  • SSDEEP

    6144:IL4Q2yp+aSbCx6UV5JdXWPF1Hjuy9KEaYTg:IVZ+zuVVZADuJ

Score
10/10
stealcstealer

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\df5177dcc97bbf4d0a901a6c0c9f0b5df58fbeaacc7006b7a057c26c51c4bf7e.exe
    "C:\Users\Admin\AppData\Local\Temp\df5177dcc97bbf4d0a901a6c0c9f0b5df58fbeaacc7006b7a057c26c51c4bf7e.exe"
    1⤵
      PID:3304
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3304 -s 1120
        2⤵
        • Program crash
        PID:2704
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 3304 -ip 3304
      1⤵
        PID:452

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3304-1-0x0000000002D20000-0x0000000002E20000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/3304-2-0x0000000004A90000-0x0000000004AB7000-memory.dmp

        Filesize

        156KB

        Download

      • memory/3304-3-0x0000000000400000-0x0000000002C26000-memory.dmp

        Filesize

        40.1MB

        Download

      • memory/3304-4-0x0000000000400000-0x0000000002C26000-memory.dmp

        Filesize

        40.1MB

        Download

      • memory/3304-5-0x0000000004A90000-0x0000000004AB7000-memory.dmp

        Filesize

        156KB

        Download