Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    26/04/2024, 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16eb8c45c1f88e11e4bd85eb7a1df59dc70d75af63475be06a2b9ba50259dddd.exe

  • Size

    307KB

  • MD5

    35ec03da4e9cedb72b71ce0caea10440

  • SHA1

    52ac531ee2f242f65f040bb39f82db9826f48ed6

  • SHA256

    16eb8c45c1f88e11e4bd85eb7a1df59dc70d75af63475be06a2b9ba50259dddd

  • SHA512

    9627c7ce9a90516bc88081187355f5e813add9ca671ed61e927755dae9b39e47bcc9b125c31656b90c69a6768e7572459e96f01f6af176617b81cc8c928273c0

  • SSDEEP

    3072:/UMoCKq9IpSH7vtQj+VrEEOwYJwxswSF7DHWq9vPIyipEG0xZeR7jBYNQJGESXFc:sHIbsgq2/S8q9+pPYZm7dAQJGfXTcB

Score
10/10
stealcstealer

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

    stealerstealc
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\16eb8c45c1f88e11e4bd85eb7a1df59dc70d75af63475be06a2b9ba50259dddd.exe
    "C:\Users\Admin\AppData\Local\Temp\16eb8c45c1f88e11e4bd85eb7a1df59dc70d75af63475be06a2b9ba50259dddd.exe"
    1⤵
      PID:2824
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2824 -s 1360
        2⤵
        • Program crash
        PID:4704
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 2824 -ip 2824
      1⤵
        PID:3752

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2824-1-0x0000000004210000-0x0000000004310000-memory.dmp

        Filesize

        1024KB

        Download

      • memory/2824-2-0x0000000000400000-0x000000000403D000-memory.dmp

        Filesize

        60.2MB

        Download

      • memory/2824-3-0x0000000005D40000-0x0000000005D67000-memory.dmp

        Filesize

        156KB

        Download

      • memory/2824-5-0x0000000000400000-0x000000000403D000-memory.dmp

        Filesize

        60.2MB

        Download