Overview

overview

10

Static

static

3

6990b050ea...50.exe

windows7-x64

10

6990b050ea...50.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/04/2024, 01:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6990b050ea013f9b45df9fc7b3db7e1e6e25631de7761e1f7f2f72501535af50.exe

  • Size

    350KB

  • MD5

    501d81449db6ea038b3587abbb03c650

  • SHA1

    7595f03834fa065581cebb52e0bdad5b80b51d64

  • SHA256

    6990b050ea013f9b45df9fc7b3db7e1e6e25631de7761e1f7f2f72501535af50

  • SHA512

    41e623b88834bd222f1f94f191686184aa8651414138ec83ea79d84196779f9fd1d54612e7ac1045aee5f1a270d664a837a03f5709fc1090c55a748d8bc31a5f

  • SSDEEP

    3072:mdm38qGuPwLNjKoXgHtoFo+OMqvUOwq+2M47zXvRgnmSnV3ulBdss5YlgQ6wh6kF:UcCjdQoFokuNM8bvRQ7cdQgKoUOl

Score
10/10
stealcstealer

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6990b050ea013f9b45df9fc7b3db7e1e6e25631de7761e1f7f2f72501535af50.exe
    "C:\Users\Admin\AppData\Local\Temp\6990b050ea013f9b45df9fc7b3db7e1e6e25631de7761e1f7f2f72501535af50.exe"
    1⤵
      PID:3492
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3492 -s 1016
        2⤵
        • Program crash
        PID:3484
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 3492 -ip 3492
      1⤵
        PID:2256

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/3492-1-0x0000000002E70000-0x0000000002F70000-memory.dmp

              Filesize

              1024KB

              Download

            • memory/3492-2-0x0000000004A80000-0x0000000004AA7000-memory.dmp

              Filesize

              156KB

              Download

            • memory/3492-3-0x0000000000400000-0x0000000002D36000-memory.dmp

              Filesize

              41.2MB

              Download

            • memory/3492-4-0x0000000000400000-0x0000000002D36000-memory.dmp

              Filesize

              41.2MB

              Download

            • memory/3492-5-0x0000000004A80000-0x0000000004AA7000-memory.dmp

              Filesize

              156KB

              Download