Overview
overview
8Static
static
1Trap-Stealer.rar
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...sample
windows10-2004-x64
3Trap-Steal...er.bat
windows10-2004-x64
1Trap-Steal...der.py
windows10-2004-x64
3Trap-Steal...der.sh
windows10-2004-x64
3Trap-Stealer/index.js
windows10-2004-x64
3Trap-Stealer/main.py
windows10-2004-x64
3Trap-Steal...tor.py
windows10-2004-x64
3Trap-Steal...mat.py
windows10-2004-x64
3Trap-Steal...per.py
windows10-2004-x64
3Trap-Steal...al.bat
windows10-2004-x64
1Trap-Steal...ad.bat
windows10-2004-x64
8Trap-Steal...oad.py
windows10-2004-x64
3Trap-Steal...ler.py
windows10-2004-x64
3Resubmissions
09-07-2024 02:17
240709-cqtpza1err 8Analysis
-
max time kernel
92s -
max time network
98s -
platform
windows10-2004_x64 -
resource
win10v2004-20240704-es -
resource tags
arch:x64arch:x86image:win10v2004-20240704-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
09-07-2024 02:17
Static task
static1
Behavioral task
behavioral1
Sample
Trap-Stealer.rar
Resource
win10v2004-20240704-es
Behavioral task
behavioral2
Sample
Trap-Stealer/.git/hooks/applypatch-msg.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral3
Sample
Trap-Stealer/.git/hooks/commit-msg.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral4
Sample
Trap-Stealer/.git/hooks/fsmonitor-watchman.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral5
Sample
Trap-Stealer/.git/hooks/post-update.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral6
Sample
Trap-Stealer/.git/hooks/pre-applypatch.sample
Resource
win10v2004-20240708-es
Behavioral task
behavioral7
Sample
Trap-Stealer/.git/hooks/pre-commit.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral8
Sample
Trap-Stealer/.git/hooks/pre-merge-commit.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral9
Sample
Trap-Stealer/.git/hooks/pre-push.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral10
Sample
Trap-Stealer/.git/hooks/pre-rebase.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral11
Sample
Trap-Stealer/.git/hooks/pre-receive.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral12
Sample
Trap-Stealer/.git/hooks/prepare-commit-msg.sample
Resource
win10v2004-20240708-es
Behavioral task
behavioral13
Sample
Trap-Stealer/.git/hooks/push-to-checkout.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral14
Sample
Trap-Stealer/.git/hooks/sendemail-validate.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral15
Sample
Trap-Stealer/.git/hooks/update.sample
Resource
win10v2004-20240704-es
Behavioral task
behavioral16
Sample
Trap-Stealer/builder.bat
Resource
win10v2004-20240704-es
Behavioral task
behavioral17
Sample
Trap-Stealer/builder.py
Resource
win10v2004-20240704-es
Behavioral task
behavioral18
Sample
Trap-Stealer/builder.sh
Resource
win10v2004-20240704-es
Behavioral task
behavioral19
Sample
Trap-Stealer/index.js
Resource
win10v2004-20240704-es
Behavioral task
behavioral20
Sample
Trap-Stealer/main.py
Resource
win10v2004-20240704-es
Behavioral task
behavioral21
Sample
Trap-Stealer/obfuscator.py
Resource
win10v2004-20240704-es
Behavioral task
behavioral22
Sample
Trap-Stealer/tools/cookie_reformat.py
Resource
win10v2004-20240704-es
Behavioral task
behavioral23
Sample
Trap-Stealer/tools/pumper.py
Resource
win10v2004-20240708-es
Behavioral task
behavioral24
Sample
Trap-Stealer/trap detection/final.bat
Resource
win10v2004-20240704-es
Behavioral task
behavioral25
Sample
Trap-Stealer/trap detection/payload.bat
Resource
win10v2004-20240704-es
Behavioral task
behavioral26
Sample
Trap-Stealer/trap detection/payload.py
Resource
win10v2004-20240704-es
Behavioral task
behavioral27
Sample
Trap-Stealer/trap extension/IBAN_Stealer.py
Resource
win10v2004-20240704-es
General
-
Target
Trap-Stealer/trap detection/final.bat
-
Size
1KB
-
MD5
14ae9511632e6d1074d00a3a586dbb6b
-
SHA1
02190716b6cd5340f26df8c219354d44940da4f7
-
SHA256
2e354bb57bd630705cb071e8fedfaae5576946f298372c4816a5a062bb7ce6f7
-
SHA512
f1ddaede05f1054cf3c851b5090a93bd41925edc3e2fadc1e74c20dc7a9dc9ae4d43cc60e2b122a9a910e65d9e4996580b0c2e1c066652c38410f8fbd39e56bf
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes:
cmd.exedescription pid process target process PID 3112 wrote to memory of 2976 3112 cmd.exe iexpress.exe PID 3112 wrote to memory of 2976 3112 cmd.exe iexpress.exe
Processes
-
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Trap-Stealer\trap detection\final.bat"1⤵
- Suspicious use of WriteProcessMemory
PID:3112 -
C:\Windows\system32\iexpress.exeiexpress /n /q /m C:\Users\Admin\AppData\Local\Temp\2exe.sed2⤵PID:2976
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\2exe.sedFilesize
1KB
MD5fdb29417e979601ff9e1a2356ff8d83d
SHA18e6829eaef017c4c30bae2a6be6470ab908e3eef
SHA2563e5f04f8ba9300e3cf7267b5004cf69a58984a02356549dba6b6f4f9ac02d467
SHA5120213c9c590c3a1c824df95d0217c1a3a6b7fad60972dd53283ea38509fe0e63f13ba925f54b0c70e6d88d8e8324dbb292c981e06cf11ba63e64168e996962981