Analysis

  • max time kernel
    89s
  • max time network
    100s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240426-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    26/04/2024, 18:30

General

  • Target

    5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe

  • Size

    305KB

  • MD5

    56b6828e712ea15dc7d187d2f5634ead

  • SHA1

    4e28f1824261e914bf1e2509235c20d6e9c00eba

  • SHA256

    5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9

  • SHA512

    74a1211be7786587cd317c03b85d70a33770703c7c869a9d46635fdd73803c51b379fff46caa6e0abe38b038c882b069ca92968f0ca56f73e96b250f19291645

  • SSDEEP

    3072:ivQjEf2YpMbdAUXJsl+VH6kVcUf2cci90o5D/kzFAgRGwB/gJj1yHrm+fQJGESXa:g6AUOdOH2TLykJfcHRyHrtfQJGfX3K

Score
10/10

Malware Config

Signatures

  • Stealc

    Stealc is an infostealer written in C++.

  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe
    "C:\Users\Admin\AppData\Local\Temp\5d8196c00ee263adcb8ae1b51788a6542be0d254def4ed821a663b7328c1b5f9.exe"
    1⤵
      PID:916
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 916 -s 1108
        2⤵
        • Program crash
        PID:2192
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 916 -ip 916
      1⤵
        PID:3388

Network

MITRE ATT&CK Matrix

Downloads

  • memory/916-1-0x0000000004120000-0x0000000004220000-memory.dmp

    Filesize

    1024KB

  • memory/916-2-0x0000000005C00000-0x0000000005C27000-memory.dmp

    Filesize

    156KB

  • memory/916-3-0x0000000000400000-0x000000000403D000-memory.dmp

    Filesize

    60.2MB

  • memory/916-4-0x0000000000400000-0x000000000403D000-memory.dmp

    Filesize

    60.2MB