Analysis

  • max time kernel
    91s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    26-04-2024 18:30

General

  • Target

    5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe

  • Size

    305KB

  • MD5

    56b6828e712ea15dc7d187d2f5634ead

  • SHA1

    4e28f1824261e914bf1e2509235c20d6e9c00eba

  • SHA256

    5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9

  • SHA512

    74a1211be7786587cd317c03b85d70a33770703c7c869a9d46635fdd73803c51b379fff46caa6e0abe38b038c882b069ca92968f0ca56f73e96b250f19291645

  • SSDEEP

    3072:ivQjEf2YpMbdAUXJsl+VH6kVcUf2cci90o5D/kzFAgRGwB/gJj1yHrm+fQJGESXa:g6AUOdOH2TLykJfcHRyHrtfQJGfX3K

Score
10/10

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe
    "C:\Users\Admin\AppData\Local\Temp\5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe"
    1⤵
      PID:4412
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 4412 -s 984
        2⤵
        • Program crash
        PID:3108
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 4412 -ip 4412
      1⤵
        PID:1532

      Network

      MITRE ATT&CK Matrix

      Downloads

      • memory/4412-1-0x00000000041C0000-0x00000000042C0000-memory.dmp

        Filesize

        1024KB

      • memory/4412-2-0x0000000005C60000-0x0000000005C87000-memory.dmp

        Filesize

        156KB

      • memory/4412-3-0x0000000000400000-0x000000000403D000-memory.dmp

        Filesize

        60.2MB

      • memory/4412-4-0x0000000000400000-0x000000000403D000-memory.dmp

        Filesize

        60.2MB