Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    90s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21-04-2024 20:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3cb5da92bc23b544620ceb5b2745775e5735d4e57345bf3160f90325496ffa9d.exe

  • Size

    258KB

  • MD5

    70193b3acc08646ecee56f35504a596d

  • SHA1

    0dc077b1a34c096ae8fdd65c90b63ab909e6385f

  • SHA256

    3cb5da92bc23b544620ceb5b2745775e5735d4e57345bf3160f90325496ffa9d

  • SHA512

    cff82e4fdb2365337632153c9b6a3422ff8f42ec241863800c239d9b6e75d1d88deb27a348ac3fbe11df26b1b4284a585e5b593e087905d076bcf2dd52c571dc

  • SSDEEP

    3072:/2KfGczRWQ94sndaKh+4FNKlHEm7lwevHLJPN8lgGIpkBLYWGkSebNXy2R5ioWt:McFpF5hSHEmxH9PiKGIWBWdQioRz

Score
10/10
stealcstealer

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3cb5da92bc23b544620ceb5b2745775e5735d4e57345bf3160f90325496ffa9d.exe
    "C:\Users\Admin\AppData\Local\Temp\3cb5da92bc23b544620ceb5b2745775e5735d4e57345bf3160f90325496ffa9d.exe"
    1⤵
      PID:652
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 652 -s 1352
        2⤵
        • Program crash
        PID:1864
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 652 -ip 652
      1⤵
        PID:3392

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/652-2-0x0000000005E90000-0x0000000005EB7000-memory.dmp

        Filesize

        156KB

        Download

      • memory/652-1-0x0000000004270000-0x0000000004370000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/652-3-0x0000000000400000-0x0000000004034000-memory.dmp

        Filesize

        60.2MB

        Download