stealc | cb664fc08a69a03e1d7ad2d47b9d7397330601fcfd8d559149ee606d782f14ad

Analysis

max time kernel
149s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
23/04/2024, 01:56

Target

cb664fc08a69a03e1d7ad2d47b9d7397330601fcfd8d559149ee606d782f14ad.exe
Size

270KB
MD5

183faeaa6b8b72bc6a5b1e8400d8f8b5
SHA1

32e157414d8fa4c019ae1571af51d8767f0e8536
SHA256

cb664fc08a69a03e1d7ad2d47b9d7397330601fcfd8d559149ee606d782f14ad
SHA512

eaf20876424ef3adc150aa38787da25b99ee95164b6c08eb665869bd51acad2672ca03cb109709d17b4d1a64128001f7249cb57d675329072cff63270b271117
SSDEEP

3072:Y48FDwWKeAwiDlyISU4Q5Qf0W8MpHBSj0s5bdw35OCQN0/1XOG6HaR:QKdyIS5Q5wF8+o0s9drE/1l

Score

10^/10

stealc stealer

Program crash 1 IoCs

pid	pid_target	Process	procid_target
4264	3780	WerFault.exe	86

C:\Users\Admin\AppData\Local\Temp\cb664fc08a69a03e1d7ad2d47b9d7397330601fcfd8d559149ee606d782f14ad.exe
"C:\Users\Admin\AppData\Local\Temp\cb664fc08a69a03e1d7ad2d47b9d7397330601fcfd8d559149ee606d782f14ad.exe"
1⤵
PID:3780
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3780 -s 1220
  2⤵
  - Program crash
  PID:4264

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 3780 -ip 3780
1⤵
PID:5000

memory/3780-1-0x0000000002C90000-0x0000000002D90000-memory.dmp

Filesize
1024KB

Download
memory/3780-2-0x00000000030A0000-0x00000000030C7000-memory.dmp

Filesize
156KB

Download
memory/3780-3-0x0000000000400000-0x0000000002C26000-memory.dmp

Filesize
40.1MB

Download
memory/3780-4-0x0000000000400000-0x0000000002C26000-memory.dmp

Filesize
40.1MB

Download